urlscan.io logo urlscan.io
SecurityTrails logo

m.creaders.net Open in urlscan Pro
35.82.150.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://m.creaders.net/
Effective URL: https://m.creaders.net/news
Submission: On August 03 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 82 IPs in 9 countries across 69 domains to perform 476 HTTP transactions. The main IP is 35.82.150.30, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is m.creaders.net.
TLS certificate: Issued by Amazon on February 1st 2021. Valid for: a year.
This is the only time m.creaders.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 25 35.82.150.30 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 2620:116:800d... 16509 (AMAZON-02)
1 13.224.96.58 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
1 13.224.96.14 16509 (AMAZON-02)
1 52.43.139.3 16509 (AMAZON-02)
12 2606:4700:10:... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 142.250.181.226 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
5 13.224.90.44 16509 (AMAZON-02)
8 213.19.147.43 3356 (LEVEL3)
1 2a04:4e42:3::485 54113 (FASTLY)
11 54.155.97.90 16509 (AMAZON-02)
1 3 5.178.65.246 50673 (SERVERIUS-AS)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 178.250.0.165 44788 (ASN-CRITE...)
4 185.33.220.240 29990 (ASN-APPNEX)
2 35.157.246.167 16509 (AMAZON-02)
2 24 2606:4700:20:... 13335 (CLOUDFLAR...)
2 147.75.38.124 54825 (PACKET)
2 185.184.8.65 204995 (RTB-HOUSE...)
4 184.31.84.150 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
43 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 216.58.212.162 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
25 52.1.142.100 14618 (AMAZON-AES)
12 15 216.58.212.130 15169 (GOOGLE)
6 47 2.18.234.21 16625 (AKAMAI-AS)
8 23 37.252.172.45 29990 (ASN-APPNEX)
6 2606:4700:21:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 4 34.98.64.218 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
1 34.234.42.43 14618 (AMAZON-AES)
2 213.174.135.2 39572 (ADVANCEDH...)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
5 2.18.233.180 16625 (AKAMAI-AS)
1 1 213.19.147.44 3356 (LEVEL3)
3 3.230.242.93 14618 (AMAZON-AES)
13 2600:1f18:612... 14618 (AMAZON-AES)
1 52.59.115.28 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
10 3.127.106.123 16509 (AMAZON-02)
10 185.94.180.124 35220 (SPOTX-AMS)
10 2.18.234.233 16625 (AKAMAI-AS)
12 52.29.183.32 16509 (AMAZON-02)
1 2 185.94.180.126 35220 (SPOTX-AMS)
1 185.64.189.115 62713 (AS-PUBMATIC)
2 4 13.248.242.197 16509 (AMAZON-02)
1 2 52.46.154.242 16509 (AMAZON-02)
2 37.252.173.22 29990 (ASN-APPNEX)
1 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 52.31.250.1 16509 (AMAZON-02)
2 54.171.168.191 16509 (AMAZON-02)
5 9 3.126.56.137 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
3 4 151.101.14.49 54113 (FASTLY)
3 3 185.29.132.245 30419 (MEDIAMATH...)
1 52.30.92.119 16509 (AMAZON-02)
1 1 185.183.112.155 60350 (VP)
1 151.101.13.108 54113 (FASTLY)
2 104.109.78.125 16625 (AKAMAI-AS)
7 7 18.197.99.6 16509 (AMAZON-02)
1 69.173.144.138 26667 (RUBICONPR...)
3 3 18.214.253.211 14618 (AMAZON-AES)
4 178.162.133.149 60781 (LEASEWEB-...)
2 4 54.36.109.49 16276 (OVH)
4 4 216.52.2.48 30282 (AS-INAPCD...)
2 2 35.158.223.21 16509 (AMAZON-02)
2 51.89.9.251 16276 (OVH)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 37.157.4.40 198622 (ADFORM)
3 3 169.50.137.190 36351 (SOFTLAYER)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 52.44.64.106 14618 (AMAZON-AES)
3 3 66.155.71.150 13768 (COGECO-PEER1)
1 35.241.40.233 15169 (GOOGLE)
1 192.132.33.46 18568 (BIDTELLECT)
2 2 135.125.8.70 16276 (OVH)
1 1 52.71.142.200 14618 (AMAZON-AES)
476 82
25    35.82.150.30 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-150-30.us-west-2.compute.amazonaws.com
m.creaders.net
pub.creaders.net
www.creaders.net
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
pixel.quantserve.com
1    13.224.96.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-58.zrh50.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
1    2600:9000:2190:5800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    13.224.96.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-14.zrh50.r.cloudfront.net
certify.alexametrics.com
1    52.43.139.3 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-139-3.us-west-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
12    2606:4700:10::6816:1758 (United States)

ASN13335 (CLOUDFLARENET, US)
services.bilsyndication.com
biltag.bilsyndication.com
assets.bilsyndication.com
stats.bilsyndication.com
8    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
25    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net
c.amazon-adsystem.com
8    213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)
targeting.unrulymedia.com
1    2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
11    54.155.97.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
prebid.ad.smaato.net
3    5.178.65.246 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
4    185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs-simple.com
2    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
24    2606:4700:20::681a:24e (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
2    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
4    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:26f0:6c00::210:bb19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.selectmedia.asia
43    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
14    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
googleads4.g.doubleclick.net
4    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
15    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    2a02:26f0:6c00::210:bb90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.selectmedia.asia
play.selectmedia.asia
25    52.1.142.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-142-100.compute-1.amazonaws.com
track1.aniview.com
15    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
cm.g.doubleclick.net
47    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
23    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
6    2606:4700:21::681b:ce5c (United States)

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    34.234.42.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-42-43.compute-1.amazonaws.com
go1.aniview.com
2    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.hb.selectmedia.asia
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
5    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
3    3.230.242.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-242-93.compute-1.amazonaws.com
sync.aniview.com
13    2600:1f18:612b:4200:b54f:a79a:adff:b87e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
cguke-lp2na.ads.tremorhub.com
cguke-9h64o.ads.tremorhub.com
1    52.59.115.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-115-28.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    3.127.106.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-106-123.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
10    185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
10    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
12    52.29.183.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
2    185.94.180.126 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    52.31.250.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
2    54.171.168.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
9    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
4    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    52.30.92.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    18.197.99.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    18.214.253.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
4    178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
4    54.36.109.49 (France)

ASN16276 (OVH, FR)
PTR: p04.id5-sync.com
id5-sync.com
4    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    35.158.223.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.sharethrough.com
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
onetag-sys.com
4    2a02:fa8:8806:13::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
3    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    52.44.64.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
3    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
dmp.brand-display.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    135.125.8.70 (France)

ASN16276 (OVH, FR)
PTR: ns3184584.ip-135-125-8.eu
gu.dyntrk.com
1    52.71.142.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
Apex Domain
Subdomains		 Transfer
61 googlesyndication.com
295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
357 KB
45 casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
51 KB
34 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
308 KB
29 aniview.com
track1.aniview.com
go1.aniview.com
sync.aniview.com
6 KB
26 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
35 KB
26 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
4 MB
25 creaders.net
m.creaders.net
pub.creaders.net
www.creaders.net
3 MB
24 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
10 KB
19 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
5 KB
15 2mdn.net
s0.2mdn.net
450 KB
13 rubiconproject.com
prebid-server.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
14 KB
13 tremorhub.com
cguke-lp2na.ads.tremorhub.com
cguke-9h64o.ads.tremorhub.com
12 KB
12 spotxchange.com
search.spotxchange.com
sync.search.spotxchange.com
12 KB
12 yahoo.com
c2shb.ssp.yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
10 KB
12 bilsyndication.com
services.bilsyndication.com
biltag.bilsyndication.com
assets.bilsyndication.com
stats.bilsyndication.com
353 KB
11 smaato.net
prebid.ad.smaato.net
4 KB
10 stickyadstv.com
ads.stickyadstv.com
7 KB
9 google-analytics.com
www.google-analytics.com
ssl.google-analytics.com
56 KB
8 selectmedia.asia
tg1.selectmedia.asia
player.selectmedia.asia
play.selectmedia.asia
player.hb.selectmedia.asia
1 MB
8 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
27 KB
8 unrulymedia.com
targeting.unrulymedia.com
680 B
7 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
38 KB
6 indexww.com
js-sec.indexww.com
6 KB
6 vliplatform.com
px.vliplatform.com
2 KB
6 google.com
adservice.google.com
www.google.com
859 B
6 googletagservices.com
www.googletagservices.com
201 KB
5 quantserve.com
edge.quantserve.com
pixel.quantserve.com
10 KB
4 dotomi.com
casale-match.dotomi.com
745 B
4 lijit.com
ap.lijit.com
2 KB
4 id5-sync.com
id5-sync.com
6 KB
4 sonobi.com
sync.go.sonobi.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1007 B
4 adsrvr.org
match.adsrvr.org
1 KB
4 openx.net
us-u.openx.net
u.openx.net
1 KB
4 adnxs-simple.com
ib.adnxs-simple.com
4 KB
3 sitescout.com
pixel-sync.sitescout.com
897 B
3 owneriq.net
px.owneriq.net
1 KB
3 simpli.fi
um.simpli.fi
2 KB
3 adform.net
c1.adform.net
990 B
3 advangelists.com
nep.advangelists.com
681 B
3 mathtag.com
sync.mathtag.com
2 KB
3 googletagmanager.com
www.googletagmanager.com
114 KB
3 criteo.com
bidder.criteo.com
gum.criteo.com
964 B
3 e-planning.net
ads.us.e-planning.net
2 KB
2 dyntrk.com
gu.dyntrk.com
850 B
2 onetag-sys.com
onetag-sys.com
2 KB
2 sharethrough.com
match.sharethrough.com
479 B
2 demdex.net
dpm.demdex.net
2 adroll.com
d.adroll.com
223 B
2 criteo.net
static.criteo.net
52 KB
2 teads.tv
sync.teads.tv
344 B
2 google.de
adservice.google.de
330 B
2 creativecdn.com
prebid-eu.creativecdn.com
352 B
2 a-mo.net
prebid.a-mo.net
614 B
1 extend.tv
sync.extend.tv
546 B
1 bttrack.com
bttrack.com
380 B
1 brand-display.com
dmp.brand-display.com
253 B
1 adentifi.com
rtb.adentifi.com
88 B
1 adotmob.com
sync.adotmob.com
689 B
1 bidr.io
match.prod.bidr.io
430 B
1 turn.com
ad.turn.com
425 B
1 bidswitch.net
x.bidswitch.net
146 B
1 1rx.io
sync.1rx.io
250 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 alexametrics.com
certify.alexametrics.com
552 B
1 quantcount.com
rules.quantcount.com
439 B
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
2 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
7 KB
476 69
Domain Requested by
43 pagead2.googlesyndication.com m.creaders.net
295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
tpc.googlesyndication.com
srcdoc
imasdk.googleapis.com
28 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
ssum.casalemedia.com
ssum-sec.casalemedia.com
25 track1.aniview.com m.creaders.net
25 imasdk.googleapis.com biltag.bilsyndication.com
player.selectmedia.asia
imasdk.googleapis.com
23 ib.adnxs.com 8 redirects googleads.g.doubleclick.net
m.creaders.net
ssum-sec.casalemedia.com
20 sync.quantumdex.io assets.bilsyndication.com
sync.quantumdex.io
ssum-sec.casalemedia.com
17 m.creaders.net 1 redirects m.creaders.net
15 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
15 s0.2mdn.net 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
m.creaders.net
imasdk.googleapis.com
14 tpc.googlesyndication.com securepubads.g.doubleclick.net
m.creaders.net
295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
tpc.googlesyndication.com
12 ads.adaptv.advertising.com m.creaders.net
11 cguke-9h64o.ads.tremorhub.com m.creaders.net
11 prebid.ad.smaato.net m.creaders.net
10 ads.stickyadstv.com m.creaders.net
10 search.spotxchange.com m.creaders.net
10 prebid-server.rubiconproject.com m.creaders.net
9 ups.analytics.yahoo.com 5 redirects ssum.casalemedia.com
9 securepubads.g.doubleclick.net www.googletagservices.com
m.creaders.net
securepubads.g.doubleclick.net
8 ssum-sec.casalemedia.com js-sec.indexww.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
sync.quantumdex.io
8 targeting.unrulymedia.com m.creaders.net
8 www.google-analytics.com m.creaders.net
www.googletagmanager.com
www.google-analytics.com
7 pixel.advertising.com 7 redirects
6 js-sec.indexww.com player.selectmedia.asia
ssum-sec.casalemedia.com
assets.bilsyndication.com
6 px.vliplatform.com
6 googleads4.g.doubleclick.net m.creaders.net
6 www.googletagservices.com m.creaders.net
securepubads.g.doubleclick.net
295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
6 pub.creaders.net m.creaders.net
5 ads.pubmatic.com player.selectmedia.asia
assets.bilsyndication.com
sync.quantumdex.io
5 c.amazon-adsystem.com biltag.bilsyndication.com
m.creaders.net
4 dsum.casalemedia.com ssum-sec.casalemedia.com
4 casale-match.dotomi.com 4 redirects
4 ap.lijit.com 4 redirects
4 id5-sync.com 2 redirects sync.quantumdex.io
4 sync.go.sonobi.com sync.quantumdex.io
4 sync-tm.everesttech.net 3 redirects ssum-sec.casalemedia.com
4 match.adsrvr.org 2 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
4 www.google.com 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 htlb.casalemedia.com m.creaders.net
4 ib.adnxs-simple.com m.creaders.net
4 assets.bilsyndication.com biltag.bilsyndication.com
4 pixel.quantserve.com 1 redirects m.creaders.net
ssum-sec.casalemedia.com
3 pixel-sync.sitescout.com 3 redirects
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 um.simpli.fi 3 redirects
3 c1.adform.net ssum-sec.casalemedia.com
3 nep.advangelists.com 3 redirects
3 sync.mathtag.com 3 redirects
3 sync.aniview.com player.selectmedia.asia
ssum.casalemedia.com
3 us-u.openx.net 2 redirects googleads.g.doubleclick.net
3 www.googletagmanager.com biltag.bilsyndication.com
play.selectmedia.asia
3 player.selectmedia.asia tg1.selectmedia.asia
player.selectmedia.asia
3 googleads.g.doubleclick.net 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
3 ads.us.e-planning.net 1 redirects m.creaders.net
3 biltag.bilsyndication.com services.bilsyndication.com
biltag.bilsyndication.com
3 services.bilsyndication.com m.creaders.net
2 gu.dyntrk.com 2 redirects
2 onetag-sys.com sync.quantumdex.io
2 match.sharethrough.com 2 redirects
2 ms.quantumdex.io 2 redirects
2 eus.rubiconproject.com player.selectmedia.asia
eus.rubiconproject.com
2 dpm.demdex.net ssum.casalemedia.com
ssum-sec.casalemedia.com
2 d.adroll.com 2 redirects
2 secure.adnxs.com ssum.casalemedia.com
ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 sync.search.spotxchange.com 1 redirects
2 www.creaders.net m.creaders.net
2 stats.bilsyndication.com biltag.bilsyndication.com
2 cguke-lp2na.ads.tremorhub.com m.creaders.net
2 static.criteo.net assets.bilsyndication.com
m.creaders.net
2 player.hb.selectmedia.asia m.creaders.net
2 play.selectmedia.asia m.creaders.net
player.selectmedia.asia
2 sync.teads.tv googleads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 prebid-eu.creativecdn.com m.creaders.net
2 prebid.a-mo.net m.creaders.net
2 useast.quantumdex.io m.creaders.net
2 c2shb.ssp.yahoo.com m.creaders.net
2 bidder.criteo.com m.creaders.net
2 hbopenbid.pubmatic.com m.creaders.net
1 sync.extend.tv 1 redirects
1 bttrack.com ssum-sec.casalemedia.com
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 token.rubiconproject.com
1 acdn.adnxs.com player.selectmedia.asia
1 sync.adotmob.com 1 redirects
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 pr-bh.ybp.yahoo.com ssum.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 x.bidswitch.net
1 ssum.casalemedia.com player.selectmedia.asia
1 u.openx.net 1 redirects
1 sync.1rx.io 1 redirects
1 gum.criteo.com static.criteo.net
1 go1.aniview.com m.creaders.net
1 tg1.selectmedia.asia securepubads.g.doubleclick.net
1 cdn.jsdelivr.net m.creaders.net
1 stats.g.doubleclick.net m.creaders.net
1 ssl.google-analytics.com 1 redirects
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com m.creaders.net
1 certify.alexametrics.com m.creaders.net
1 rules.quantcount.com edge.quantserve.com
1 d31qbv1cthcecs.cloudfront.net m.creaders.net
1 edge.quantserve.com m.creaders.net
1 fonts.googleapis.com m.creaders.net
1 maxcdn.bootstrapcdn.com m.creaders.net
476 109

This site contains links to these domains. Also see Links.

Domain
www.creaders.net
www.youtube.com
Subject Issuer Validity Valid
*.creaders.net
Amazon		 2021-02-01 -
2022-03-02		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2020-10-08 -
2021-11-07		 a year crt.sh
bilsyndication.com
Cloudflare Inc ECC CA-3		 2021-06-08 -
2022-06-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
smaato.net
Sectigo ECC Organization Validation Secure Server CA		 2020-07-28 -
2022-10-04		 2 years crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
ads.us.e-planning.net
R3		 2021-08-01 -
2021-10-30		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018		 2021-03-17 -
2022-03-15		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
*.a-mo.net
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
wl.aniview.com
R3		 2021-07-29 -
2021-10-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.aniview.com
Amazon		 2021-02-04 -
2022-03-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
player.hb.selectmedia.asia
R3		 2021-07-03 -
2021-10-01		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh

This page contains 81 frames:

Primary Page: https://m.creaders.net/news
Frame ID: 86FB8FB538635704B91A1CB388E1DB3B
Requests: 214 HTTP requests in this frame

Frame: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 984AAC941C00A9290B6D4EEDC3791738
Requests: 1 HTTP requests in this frame

Frame: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7C515D6E37F4A968DFB90BDFDD8E3129
Requests: 14 HTTP requests in this frame

Frame: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A9458709499A41757E388430DC2B022F
Requests: 13 HTTP requests in this frame

Frame: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A60DE01495C685BE66411AC5BC01F2E3
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgWeL0yRKnIeKg2vwtUJB5xnW8PY3_6H6SM_Py_WfRWc082KY4CqKmScj2slN3QZe36qnP025-abVOkIfwej7KQrehbnhVVOt4gAzKFfe76zmaJpWa20HB_APMVx1_Cb58qCwsqI65NxBQG13um8nlLlXQULmVD-DKQ4RkjTv1krdWTnGjQrpI1bSYuHo5vq6UCyQvANTUZJMd1U8yW64_YP7OYIplKH1DJjz9ZqFP9R76YkFh31Nw2n4IKlFTO_9-Cm1qKEkMsK-iKshgwcsJ8ZKInWRJjqC9foCWMUyHQ5_Iy5eQrZuOUN33ZI4f30c-g7pOqy6gfEw&sai=AMfl-YTtk7sokhTxCqu4DqY74ds5aOXpfrVkc9_SxsUbmSirjf7jUnFhDrwP-cpSTJM8Un1fBVNCpCZbtRf0F3-O9af7cLlXClpQUU-dFFdGMbKBzylXAB-7o9qz9BGXifP4&sig=Cg0ArKJSzDDayhg1mv_AEAE&urlfix=1&adurl=
Frame ID: 4AF7DDDC2FFD33499D330E96A3E1B1B7
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNWYNjRMXYqy8X1jj8BlMYlGpBDWdmHoStuMJlRHSPqN_WCt15C01Zfxl1EE7WQWFR01KbRLJqp8XHgL0EWMAWQbLs7w9-lZwzxc8Pbe2mz9C85LFgOYt2uHmgYKc5DYlxO_6dQuoLNNMqw7SbQpmucMHJug9qien4YLBVeEG11wzW3Q2Hw
Frame ID: CE11F333B4104994B69FA023013A7C18
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNXhtpGwHwCuFhI_1d9D9aWW1SUzryVnngD5ZEhBIA6gQ5NJICkJOK1C8kjLqaqAy8l_3cevWJKTQNQhcn8g-lM7mt81zHPoyd8KT8t7-fooKigKBTsQJFIefkh0J2Xz-U9pNe0OrImYjugr2EYpQkwptOxFarHD35ucMy906bT3yHF8ezc
Frame ID: DC6F7BF8DED715C392FEA455AD45D438
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNV6xbJhe2FgCyXSOEojDC4tzyO_XvXjpWKhsbQq-FF9fVRWKC5zfweON981Q5IGI1nnpak_qq9KSSLYYo0G3LVMdhhg12CBwdHhLAswE8jIUpa5n03b9kJ-fhyiQ-0sLCmPeCKKK2wCTqjZ0qQLRL8VhKyRaUb01l4zPaIJ-hjzFe5jUZ8
Frame ID: FAA5B03A74F2EE4EEB6B070212002EC8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 722CF9E0E83E28249F2BDF2FB1DC9031
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B92E7E9AF25CED07A37EEDEAEFE10739
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E43D6745130AC2ABBA8B79680CE2B4B8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E04216FCE0DDAF5D0DC595B911732AB8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 812F62A0B0415575E34486629A984C4C
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Frame ID: 047CDAF45A5C29EC596026C626BEB466
Requests: 6 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Frame ID: DA2D3335AB2ED14408E15DE68E8D7EC6
Requests: 3 HTTP requests in this frame

Frame: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Frame ID: 8EE790A2CAF0EF9520BB2042D8909125
Requests: 4 HTTP requests in this frame

Frame: https://player.hb.selectmedia.asia/prebidlink/452208/hb_310028_7816.js
Frame ID: 05DFD3D2D7CF96E4040EBA8AEE0F6C16
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=m.creaders.net&gdpr=1&gdpr_consent=
Frame ID: 078778AC9D4414E9BD95D2DF7648E69C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D1%26key%3D
Frame ID: 4657D231D1E4D28D932EA24144EE4F5E
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1627949555815-983601092972-008604-011-007822&biddername=13&key=OPTOUT
Frame ID: C4EE76AC97644DF1CECB7F6AA91AA122
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1627949555815-983601092972-008604-011-007822&biddername=23&key=00cc7fff-a5a6-4aed-82c3-339c0a38e086
Frame ID: 3FB45A5A29480F624DF49C55B43BF98D
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D42%26key%3D
Frame ID: 51CA976918634C44EBD94B6A69ECDDFD
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C7AED07D2854088EDAB97C0C5B932654
Requests: 1 HTTP requests in this frame

Frame: https://biltag.bilsyndication.com/passback/?t=1627751911&d=357&z=23383&divID=vi_35723383_670&w=336&h=280
Frame ID: 78C1104DC929A285CF8ED0F5E2C49F2A
Requests: 3 HTTP requests in this frame

Frame: https://biltag.bilsyndication.com/passback/?t=1627751911&d=357&z=1045&divID=vi_3571045_633&w=300&h=250
Frame ID: 906BAD8D499EED0BBAA56CEB2C03B799
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E7CCA0A3621FCA938DC76F10BAD53EE7
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: DBCC8F3165B28FDA84536C00D9426B70
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 2E430BE84BDD341FB696BAC63A9587CD
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 629077FD2DDFC859EA15710A417436E2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 322796A2E8A1AF28BF445183DCFAD5E6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5F5993954AE3E52E1EE5E714364B0341
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C18A1CE692D53BC102F78623A35EC1FE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 872A5D2B2721E1009C7B52D944A97038
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D58CE3F39A2ED9D3EBCB1FDA1ED8A640
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: C2B1956945EA0B3C329C5E3B7F398927
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 0B38ACEED87477724C2500174410D229
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1825AE7B9B0DF9B262E550475A276CF9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 01616867F068A79C5A5DFE3FF936BBCB
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: D71DB7B6B1F062DDC48BDB89B50821B5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 18C6F5A5C149F92724FBB786B0D0892E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 65DF90508018C6018BDC492C77E4C804
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 0F3D861F59801EB0C808EED98E235505
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6E00713904340E8E93DF527694351F49
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 353BC5F3AD9DE84D8E4F529E1E83FBC0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Frame ID: ABB5238B9D2ED6CD1C45BB3D5A39A977
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Frame ID: FDBD482C24D8C079EADC78E6421425F3
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: D0817326BB8F568F8BC7CF03943C6BA5
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6F816CF5441A3606C4032C1BF0C89298
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 7FEB50978E18FAEA8B1C813D16E6D280
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 845CFB3C41C5F1548B872618F10036DA
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F1A818AE60AE9AD297CB91B474938292
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 3A6B961350D46316C333E85ABAB8FB5D
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 05F67E4B118EC0D16B0165E15282CF6D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 777641785748F07BE265B16FDC250AE8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 97ECFBB02C6615A842BCBC4FAE3232AD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 8B2351031C904A16C844076697B70581
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 0A123AF91C1E2FE4BF0C8AB8893A460E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: E247F3DBC08F94E085FF152798D82792
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: F71686B7069CA361572B98C8CF1261DB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: E48D597354064253B5367ADAE75F1DD4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 529C8FD36B1D8E89DA3D1F4BAF33E4B4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 60F8C3B9173A8D5CFB80A654E73169FB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: D952EB1F01CF98B5FB87956F9BC94A66
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 1C00A7FD06C9137FAC9DBFBD68506A0F
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: BA8A96EE092FEC0F8CE7773689FE9C77
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: D7A41ECAFCEEE5BD80C3D54C0999D7FC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DBF623369DE3E2F6CC4697EEAD48E397
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7BF7D78B5AF5207B5F2618B5A62241A4
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: D9B0822C0813274DB7B6D39531F76C8F
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 77E7F80A5F9088329DC02AF7112FD097
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 66FDF3080F1D6DE53FAC3CBE1BB804F6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 8E09E941F64B0341BA986A151EF3F992
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: DD6DF441058527FFE8BF237AEF48E04B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 306895E96F46D20EE391E79C184FE3E9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 8DC36DEE94F199B4CA7DEF1375BB99E4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 7FCF19207DCE1A89BE47B37CBA2A1F5F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E215197C23EC58897FACF4100C1C6DA4
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: CD3AD8AE8723F0D9AE9E79DE78FEBC88
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: F8D0798437D7EF5E386802AADDCCDAD6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8A7594D176C9964D801A90588A77C610
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://m.creaders.net/ HTTP 302
    https://m.creaders.net/news Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

476
Requests

97 %
HTTPS

33 %
IPv6

69
Domains

109
Subdomains

82
IPs

9
Countries

10069 kB
Transfer

23170 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://m.creaders.net/ HTTP 302
    https://m.creaders.net/news Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1773724729&utmhn=m.creaders.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1033629119&utmr=-&utmp=%2Fnews&utmht=1627949553305&utmac=UA-3412968-2&utmcc=__utma%3D77545162.332785264.1627949553.1627949553.1627949553.1%3B%2B__utmz%3D77545162.1627949553.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1227479496&utmredir=1&utmu=DBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3412968-2&cid=332785264.1627949553&jid=1227479496&_v=5.7.2&z=1773724729
Request Chain 58
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/m.creaders.net/ROS?rnd=0.326071275800925&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fm.creaders.net%2Fnews&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fm.creaders.net%2Fnews&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/m.creaders.net/ROS?ct=1&r=pbjs&rnd=0.326071275800925&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fm.creaders.net%2Fnews&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fm.creaders.net%2Fnews&gdpr=1&gdprcs=
Request Chain 150
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1&C=1
Request Chain 151
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQiJ8ypaTdtnMWUKFIFXfgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1
Request Chain 152
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDlIELKFoC6MGCaYNR-s5ow&google_cver=1
Request Chain 153
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzODY1NjAzMjQ4MjU1MjIy
Request Chain 154
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1
Request Chain 155
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQiJ8ypaTdtnMWUKFIFXfgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1
Request Chain 156
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDlIELKFoC6MGCaYNR-s5ow&google_cver=1
Request Chain 157
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzODY1NjAzMjQ4MjU1MjIy
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJsUqneb27KSwgqO3ovbpqo&google_cver=1
Request Chain 168
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWFlZDE0MWMtMDNiNi0yNWExLWU2NGUtNGYyOGZhYzM2Y2Vl
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECb8oWyG2MuLwRJyNVZvh2w&google_cver=1
Request Chain 207
  • https://sync.1rx.io/usersync2/selectmedia?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D13%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1627949555815-983601092972-008604-011-007822&biddername=13&key=OPTOUT
Request Chain 208
  • https://u.openx.net/w/1.0/cm?id=36800e4a-7fee-40ba-bcb0-adf158f0815f&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D23%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1627949555815-983601092972-008604-011-007822&biddername=23&key=00cc7fff-a5a6-4aed-82c3-339c0a38e086
Request Chain 236
  • https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=81ac0117-f3ef-11eb-b7eb-17d925990206
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEM6xtCUvg15v4V2ypTMpehI&google_cver=1
Request Chain 241
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB&dcc=t
Request Chain 244
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 249
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3672896151570425710
Request Chain 250
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YQiJ9AADLXX65ABg HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQiJ9AADLXX65ABg&gdpr=1&_test=YQiJ9AADLXX65ABg
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d4206108-89f4-4f00-9e6b-20e17e6cf95d&gdpr=1&gdpr_consent=
Request Chain 253
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=068b220438a18471fd45e6e6&expiration=[EXPIRATION]&gdpr=1
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEM6xtCUvg15v4V2ypTMpehI&google_cver=1
Request Chain 271
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YQiJ9AADLXX65ABg&_origin=0&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YQiJ9AADLXX65ABg&_origin=0&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YQiJ9AADLXX65ABg&_origin=0&gdpr=0&gdpr_consent=&apid=UP822295d5-f3ef-11eb-821a-02407095623c
Request Chain 272
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=9c121b11d448f9ceb9c4dcd546cc267&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g043_6991990106852862640 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OWMxMjFiMTFkNDQ4ZjljZWI5YzRkY2Q1NDZjYzI2Nw==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEAxdh4e0XfI4kvlsLHvYmNo&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=21972bee-26c8-4255-96c3-cb8e625d1a3a HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/9c121b11d448f9ceb9c4dcd546cc267&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-9A6dxu5E2oMy8u_.gjXy__ZAW1daLnQNUlZXNsnd~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=533865603248255222 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=d4206108-89f4-4f00-9e6b-20e17e6cf95d&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YQiJ9AADLXX65ABg&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=GjW9oaDq1MaI2W5&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=9119958038253429946
Request Chain 273
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP822295d5-f3ef-11eb-821a-02407095623c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA4MjIyOTVkNS1mM2VmLTExZWItODIxYS0wMjQwNzA5NTYyM2M%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEBPnKKen9EXfYc6pVLb4c7c&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEBPnKKen9EXfYc6pVLb4c7c&google_cver=1&apid=UP822295d5-f3ef-11eb-821a-02407095623c
Request Chain 274
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=21972bee-26c8-4255-96c3-cb8e625d1a3a&_origin=1&gdpr=1&gdpr_consent=
Request Chain 325
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-05f50920-8b08-445a-aa12-0b0b2735e747
Request Chain 326
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uJ16WpJE2uG3Za5fuqzGGHjMdPVlNx6wUs2eBZk-~A
Request Chain 327
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533865603248255222
Request Chain 329
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=533865603248255222
Request Chain 330
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3a5e0857-da57-45db-a1cb-23feff8a0e50
Request Chain 331
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 332
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=0adce1802bb8b43fedc56bf3
Request Chain 333
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP822295d5-f3ef-11eb-821a-02407095623c HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP822295d5-f3ef-11eb-821a-02407095623c
Request Chain 334
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=926c23af-ccfe-4b39-99a2-4b7e3c609236
Request Chain 339
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533865603248255222
Request Chain 341
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=054f503c-a3f9-43f3-bf76-4959b5e1ad2c
Request Chain 342
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=533865603248255222
Request Chain 343
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 344
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=a04ff4cbefefd4539a9d9159
Request Chain 345
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP822295d5-f3ef-11eb-821a-02407095623c HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP822295d5-f3ef-11eb-821a-02407095623c
Request Chain 346
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=3050800c-e6da-4254-9c4e-435af497fba3
Request Chain 347
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-913a6bd1-a89c-45ee-8d43-3852c6cea747
Request Chain 348
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uJ16WpJE2uG3Za5fuqzGGHjMdPVlNx6wUs2eBZk-~A
Request Chain 353
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
Request Chain 355
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6DC0DBCD40DE480C880F3B6414F5EE60&gdpr=1
Request Chain 356
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Rbp32UuyIddevH7UEbtq1kLpdYdeuX-DSrJXmgU6
Request Chain 358
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6812359611272421112&uid=Q6812359611272421112&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 359
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEM6xtCUvg15v4V2ypTMpehI&google_cver=1
Request Chain 369
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
Request Chain 371
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630541558
Request Chain 372
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DEEB8565E29946C78112220E936E701E&gdpr=1
Request Chain 374
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d4206108-89f4-4f00-9e6b-20e17e6cf95d&gdpr=1&gdpr_consent=
Request Chain 378
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
Request Chain 379
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630541558
Request Chain 381
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=59662A9E9B0448CFB83D6863EB56C8BC&gdpr=1
Request Chain 385
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d4206108-89f4-4f00-9e6b-20e17e6cf95d&gdpr=1&gdpr_consent=
Request Chain 387
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
Request Chain 389
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630541558
Request Chain 391
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ef2384af-1f66-46b3-8c7f-f55d72106ef9
Request Chain 392
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 393
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=05905569-7188-4387-b0c4-78b78f925486 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=05905569-7188-4387-b0c4-78b78f925486&C=1
Request Chain 394
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

476 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request news
m.creaders.net/
Redirect Chain
  • https://m.creaders.net/
  • https://m.creaders.net/news
258 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache / Express
Resource Hash
908989c7f882114d193e7d09a0aababaa0e1bbba442cb0fe5549486e3e9a0f65

Request headers

:method
GET
:authority
m.creaders.net
:scheme
https
:path
/news
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:31 GMT
content-type
text/html; charset=utf-8
content-length
43044
server
Apache
x-powered-by
Express
vary
Accept-Encoding
content-encoding
gzip
etag
W/"40707-2cLBCUFu5aFMBseFW493hnrtdAg"

Redirect headers

date
Tue, 03 Aug 2021 00:12:31 GMT
content-type
text/html; charset=iso-8859-1
content-length
211
location
https://m.creaders.net/news
server
Apache
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
11502907
cdn-cachedat
2021-03-11 11:57:51
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
50f270cef956c80b14f61fa9ad96c573
cf-ray
678b55babbd742e1-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
icon
fonts.googleapis.com/ 		568 B
461 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30e075d3f06d246537205c33de00164ddc2997625fcbaed7c2f6ab87f5035727
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 00:12:31 GMT
server
ESF
date
Tue, 03 Aug 2021 00:12:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Aug 2021 00:12:31 GMT
styles.css
m.creaders.net/ 		154 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m.creaders.net/styles.css
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
af8ffb508f5906b156a74613333854a1dc4bf1e19879e02790e10036c77794a1

Request headers

:path
/styles.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
m.creaders.net
referer
https://m.creaders.net/news
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:31 GMT
content-encoding
gzip
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
etag
"26697-5aaaea7dbda7b"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
25235
20210802_16279469355193_s.jpg
pub.creaders.net/upload_files/image/202108/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/202108/20210802_16279469355193_s.jpg
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
e821ee7d19a68643b9473143ddd75595a5081434fedea1562c1f794f6b4fd17f

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
last-modified
Mon, 02 Aug 2021 23:28:56 GMT
server
AmazonS3
x-amz-request-id
FYG49P16YG663T1K
etag
"c07e3eee439384e5dda32fc80067296f"
content-type
image/jpeg
content-length
9979
x-amz-id-2
kCe1nF8wI7IyG1WYkNDjX20JsX5DuELn8dOrMgel2k1WuqzuOa0ptaKKQXqyNrIudgfb08WdBTo=
20210802_16279457139605_s.webp
pub.creaders.net/upload_files/image/202108/ 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/202108/20210802_16279457139605_s.webp
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
b567f5736520c84179b0684dbce090dafcad6541e0fcee4235583e0aa73b326f

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
last-modified
Mon, 02 Aug 2021 23:08:34 GMT
server
AmazonS3
x-amz-request-id
FYGAA9SQ1H9QFQM8
etag
"79b0c7a724000c93fbc631c5f1d860fe"
content-type
application/octet-stream
content-length
152366
x-amz-id-2
yha3cBOCpFOeNChBb9gY1QDjXNCicAu23+JBrYtCMCRPWyjohvqvc6QT3my5myN1wppxRP/fr5I=
20210802_16279449855315_s.gif
pub.creaders.net/upload_files/image/202108/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/202108/20210802_16279449855315_s.gif
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
c75d0455a9310b7ba49a953d2b120fa2e2a4ee20beda6ee243061c5f3ca54103

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
last-modified
Mon, 02 Aug 2021 22:56:27 GMT
server
AmazonS3
x-amz-request-id
FYG40H93YMYPDHNA
etag
"87c3d2feb9ccbeb978e1f0736d8fe39f"
content-type
image/jpeg
content-length
3619
x-amz-id-2
zcg9uWmp+FKtpRBqewQKUOBPd8Z9QDEnzABuwYeP3LVyXTCg/Z0CL6Ex3LJdazzhWzAg5FClIaA=
20210802_16279404545633_s.jpg
pub.creaders.net/upload_files/image/202108/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/202108/20210802_16279404545633_s.jpg
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
7082a507f2c4b3dcf0be67afead1d93f6702a9d541a1476fe8ef7e46acbbb355

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
last-modified
Mon, 02 Aug 2021 21:40:55 GMT
server
AmazonS3
x-amz-request-id
FYGADDM2AGBYGWHD
etag
"4821b0c9bd0cd6e9a55ae006c06a22a6"
content-type
image/jpeg
content-length
12348
x-amz-id-2
v3gPymdwykuQXj0LO8aVtbxvj3cRDMAgPUZfvyvbdkHHnRbR3R5AvjeqCIiP9wMGjvYHRnKJXXA=
20210802_16279375518314_s.png
pub.creaders.net/upload_files/image/202108/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/202108/20210802_16279375518314_s.png
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
26736ea9bd02f1b9bfe69c088d8a9769ff423801400d038834674aff4bf7aaaa

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
last-modified
Mon, 02 Aug 2021 20:52:32 GMT
server
AmazonS3
x-amz-request-id
FYG7NTPFZ95HXQR1
etag
"3da9a2c4054825c03586b002c1779135"
content-type
image/jpeg
content-length
11254
x-amz-id-2
WVLHhUllFPI5y43L4wog/ialDqV1T2dE7pGLJULlTg8KMkG7/RCCKFwz56LonpSyQ4bMNEW7hl8=
20210802_16279395781503_s.png
pub.creaders.net/upload_files/image/202108/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.creaders.net/upload_files/image/202108/20210802_16279395781503_s.png
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
6c90a1ca2e34b39a58236f7b681002b316ef364184611c5e8ede3a27e2ca23b1

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
last-modified
Mon, 02 Aug 2021 21:26:19 GMT
server
AmazonS3
x-amz-request-id
FYG8SDXPG28AYH6T
etag
"668618e9b1bee3e71a608bfd0ed8b0c2"
content-type
image/jpeg
content-length
23954
x-amz-id-2
JSABmqNKXxvgiS89g3NCOMvtoeHTGiyPLEI+fEYO/PkVP1DoaGZc0RSsF9S0Y3KMlO6n05EWaX8=
default.gif
m.creaders.net/assets/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.creaders.net/assets/img/default.gif
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
6b6f349ceb3608a039aa878779bfd37599ef95f04101811d090a34492ff1a190

Request headers

:path
/assets/img/default.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
m.creaders.net
referer
https://m.creaders.net/news
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"4b7-5aaaea7dcc0f2"
content-length
1207
content-type
image/gif
ad_number.jpg
m.creaders.net/assets/img/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.creaders.net/assets/img/ad_number.jpg
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
d819c737da08dddc192a8ad4356254b140e891f65d2024d555265ae3bd85b013

Request headers

:path
/assets/img/ad_number.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
m.creaders.net
referer
https://m.creaders.net/news
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"5a2e-5aaaea7dcc0f2"
content-length
23086
content-type
image/jpeg
quant.js
edge.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.quantserve.com/quant.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:31 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Tue, 10 Aug 2021 00:12:31 GMT
runtime.js
m.creaders.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.creaders.net/runtime.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
c36dc2640916d6a9d9b1a895fbd674414b1d4ed8bb5007633cb265de0f771e5f

Request headers

:path
/runtime.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
m.creaders.net
referer
https://m.creaders.net/news
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:31 GMT
content-encoding
gzip
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
etag
"880-5aaaea7dbd693"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
1089
polyfills.js
m.creaders.net/ 		100 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.creaders.net/polyfills.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
c3a7e92d6ee5f0130be8d10898e2e3c229047ef9ea20c79c451d6c59dc6e6ce7

Request headers

:path
/polyfills.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
m.creaders.net
referer
https://m.creaders.net/news
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
content-encoding
gzip
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
etag
"18f36-5aaaea7dbd693"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
33836
main.js
m.creaders.net/ 		934 KB
236 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.creaders.net/main.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
16804cb00c0df0889ea7744cc8ff04404520f5962e07450938533c4f1fdafad9

Request headers

:path
/main.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
m.creaders.net
referer
https://m.creaders.net/news
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 18:02:06 GMT
server
Apache
etag
"e9682-5c3cc41ae9094"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
icon-news.png
m.creaders.net/assets/img/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.creaders.net/assets/img/icon-news.png
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/styles.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
de9c099ca6fc03f9f982a3c26d5e54d90657cc0ed578823a90ee62324bbf9124

Request headers

:path
/assets/img/icon-news.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
m.creaders.net
referer
https://m.creaders.net/styles.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"59da-5aaaea7dcc4da"
content-length
23002
content-type
image/png
opacity.png
m.creaders.net/assets/img/ 		923 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.creaders.net/assets/img/opacity.png
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/styles.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
c26b66f4c5b2fc2c130367ddebfa529c1343fd6a64a9e2f381d032d35c8972c5

Request headers

:path
/assets/img/opacity.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
m.creaders.net
referer
https://m.creaders.net/styles.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
accept-ranges
bytes
etag
"39b-5aaaea7dcc8c2"
content-length
923
content-type
image/png
truncated
/ 		137 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		137 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-58.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
8402705
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
6ZG76untlCkNGaXX6ukHw9qWMMBrIgk6qNxsfP7rLFD01BVkbbL5yg==
rules-p-e4UytPLDQQKlw.js
rules.quantcount.com/ 		3 B
439 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-e4UytPLDQQKlw.js
Requested by
Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 05:44:24 GMT
via
1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
age
66489
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:01:36 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-amz-cf-id
vEcGAX2vH8_YkGkCG2s6Ugj9UrPc7UqESYC4R2FIE0Lz68pugDnUqw==
pixel;r=2133129542;rf=0;a=p-e4UytPLDQQKlw;url=https%3A%2F%2Fm.creaders.net%2Fnews;uht=2;fpan=1;fpa=P0-862345634-1627949552317;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2133129542;rf=0;a=p-e4UytPLDQQKlw;url=https%3A%2F%2Fm.creaders.net%2Fnews;uht=2;fpan=1;fpa=P0-862345634-1627949552317;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=creaders.net;je=0;sr=1600x1200x24;dst=1;et=1627949552317;tzo=-120;ogl=
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=&time=1627949552726&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fm.creaders.net%2Fnews&random_number=7267987993&sess_cookie=a3b8213917b095ad455655ef5cd&sess_cookie_flag=1&user_cookie=a3b8213917b095ad455655ef5cd&user_cookie_flag=1&dynamic=true&domain=creaders.net&account=gYXUm1a4KM+2mh&jsv=20130128&user_lang=en-US
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-14.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 03:30:10 GMT
Via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
74542
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
ZRH50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
vw-IV1dyLIOi9R246hIGG6_2eUmSii3-Upkb5zoiZFgQj9n8E0QakQ==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.139.3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-139-3.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
server
Server
2.js
m.creaders.net/ 		98 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.creaders.net/2.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/runtime.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
469de99b6c632e00c967846fbe9cd4133d163db31d8fa3835c4ef5ef6ed6b202

Request headers

:path
/2.js
pragma
no-cache
cookie
__qca=P0-862345634-1627949552317; __asc=a3b8213917b095ad455655ef5cd; __auc=a3b8213917b095ad455655ef5cd
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
m.creaders.net
referer
https://m.creaders.net/news
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
content-encoding
gzip
last-modified
Sat, 29 May 2021 03:37:40 GMT
server
Apache
etag
"18994-5c36fb6e18086"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
22697
common.js
m.creaders.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.creaders.net/common.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/runtime.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
2a6dddb94c7d3eec3ebdfeccfe224df75d5a7d659a44c299c6ef965d83b0b457

Request headers

:path
/common.js
pragma
no-cache
cookie
__qca=P0-862345634-1627949552317; __asc=a3b8213917b095ad455655ef5cd; __auc=a3b8213917b095ad455655ef5cd
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
m.creaders.net
referer
https://m.creaders.net/news
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
content-encoding
gzip
last-modified
Wed, 26 Aug 2020 01:36:07 GMT
server
Apache
etag
"12b4-5adbdd7fe3d8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
1357
10.js
m.creaders.net/ 		111 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.creaders.net/10.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/runtime.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
b51b0c63fb8a8ef6c8cd658afc93c4aee286349fc2efc02f9c3a0effa4aea2c2

Request headers

:path
/10.js
pragma
no-cache
cookie
__qca=P0-862345634-1627949552317; __asc=a3b8213917b095ad455655ef5cd; __auc=a3b8213917b095ad455655ef5cd
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
m.creaders.net
referer
https://m.creaders.net/news
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:32 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 18:02:06 GMT
server
Apache
etag
"1bb2b-5c3cc41ae753c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
17749
/
services.bilsyndication.com/adv1/ 		950 B
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.bilsyndication.com/adv1/?d=357
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e7904cb250fb37f8402f9c67f588c7404b0cf76bd753b607c970ab38275d97
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 3 Aug 2021 00:12:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
678b55c37b4a5364-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
on, 01 Jan 1970 00:00:00 GMT
ga.js
www.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
2711
date
Mon, 02 Aug 2021 23:27:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 03 Aug 2021 01:27:22 GMT
3.js
m.creaders.net/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.creaders.net/3.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/runtime.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
63267fd5b37eaf6c57c16985e8a32a003b652263e621bfb697708efde4e96427

Request headers

:path
/3.js
pragma
no-cache
cookie
__qca=P0-862345634-1627949552317; __asc=a3b8213917b095ad455655ef5cd; __auc=a3b8213917b095ad455655ef5cd
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
m.creaders.net
referer
https://m.creaders.net/news
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
gzip
last-modified
Sat, 18 Jul 2020 03:13:20 GMT
server
Apache
etag
"5215-5aaaea7dbbb3b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
6119
8.js
m.creaders.net/ 		134 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.creaders.net/8.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/runtime.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
1c78f996eb0fd293fde064129eb76e6d1e6959278ef3761d25bb2beb9b3d0c2a

Request headers

:path
/8.js
pragma
no-cache
cookie
__qca=P0-862345634-1627949552317; __asc=a3b8213917b095ad455655ef5cd; __auc=a3b8213917b095ad455655ef5cd
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
m.creaders.net
referer
https://m.creaders.net/news
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 18:02:06 GMT
server
Apache
etag
"217f3-5c3cc41ae7d0c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
21415
7.js
m.creaders.net/ 		308 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.creaders.net/7.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/runtime.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f90acd9088f31a57f9c8b142bc205164a2001ead5fff1a4949f5808382820fb5

Request headers

:path
/7.js
pragma
no-cache
cookie
__qca=P0-862345634-1627949552317; __asc=a3b8213917b095ad455655ef5cd; __auc=a3b8213917b095ad455655ef5cd
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
m.creaders.net
referer
https://m.creaders.net/news
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 18:02:06 GMT
server
Apache
etag
"4d1f8-5c3cc41ae7d0c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
9.js
m.creaders.net/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.creaders.net/9.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/runtime.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
5872835a3d95b64412777285d9e45733e9f3d6276dc02fc815a31211251d0909

Request headers

:path
/9.js
pragma
no-cache
cookie
__qca=P0-862345634-1627949552317; __asc=a3b8213917b095ad455655ef5cd; __auc=a3b8213917b095ad455655ef5cd
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
m.creaders.net
referer
https://m.creaders.net/news
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://m.creaders.net/news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 18:02:06 GMT
server
Apache
etag
"3ed2-5c3cc41ae7d0c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
4552
gpt.js
www.googletagservices.com/tag/js/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d340b641c9f01093c3b4805b0c1c998308598c1e8623dbfeb5ee87d0947ae089
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"947 / 933 of 1000 / last-modified: 1627942337"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24695
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:33 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1773724729&utmhn=m.creaders.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1033...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3412968-2&cid=332785264.1627949553&jid=1227479496&_v=5.7.2&z=1773724729
35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3412968-2&cid=332785264.1627949553&jid=1227479496&_v=5.7.2&z=1773724729
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 03 Aug 2021 00:12:33 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:33 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3412968-2&cid=332785264.1627949553&jid=1227479496&_v=5.7.2&z=1773724729
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
369
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021072901.js
securepubads.g.doubleclick.net/gpt/ 		325 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 08:44:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116135
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		276 B
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.creaders.net
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
54599cc22f8debc1020c15a634ac231ae6587e14da2795debfd92917c78a9419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:33 GMT
/
services.bilsyndication.com/uv/ 		13 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.bilsyndication.com/uv/?page_url=https%3A%2F%2Fm.creaders.net%2Fnews&mtk=357
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:33 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 3 Aug 2021 00:12:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
678b55c46fba4d84-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13
x-xss-protection
1; mode=block
expires
on, 01 Jan 1970 00:00:00 GMT
48fa7cd880dd48ce89b6a7d4785f9ea2.js
biltag.bilsyndication.com/v1/1627751911/ 		548 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Requested by
Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?d=357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
860b5e091460d215bed614dc09546612002a6dc4db5225961adabfc374ad49e1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
197627
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
678b55c46c815364-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
/
services.bilsyndication.com/uv/ 		13 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.bilsyndication.com/uv/?page_url=https%3A%2F%2Fm.creaders.net%2Fnews&mtk=357
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:33 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 3 Aug 2021 00:12:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
678b55c46fb94d84-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13
x-xss-protection
1; mode=block
expires
on, 01 Jan 1970 00:00:00 GMT
cmp-v2.0.1.js
assets.bilsyndication.com/plugins/cmptcf2/ 		267 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
928824
cf-polished
origSize=489839
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 29 Dec 2020 02:18:12 GMT
server
cloudflare
etag
W/"5fea91e4-7796f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
678b55c51d375364-FRA
expires
Fri, 23 Jul 2021 06:42:09 GMT
prebid-v5.5.3.js
assets.bilsyndication.com/prebid/default/ 		442 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37ce288c7515b31536e66d76bba32b7dc54eef765d3a31be56b2a13842b1335b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
373481
cf-polished
origSize=453257
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Thu, 29 Jul 2021 16:27:43 GMT
server
cloudflare
etag
W/"6102d6ff-6ea89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
678b55c51d365364-FRA
expires
Thu, 29 Jul 2021 16:57:52 GMT
viPlayer_v47.min.js
assets.bilsyndication.com/plugins/vlPlayer/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bilsyndication.com/plugins/vlPlayer/viPlayer_v47.min.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
820940626c8b0ea4d61278c472b9f3f4b02358cbba4c85c0bb22c1d14584b806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
661732
cf-ray
678b55c51d395364-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 26 Jul 2021 08:09:01 GMT
server
cloudflare
etag
W/"60fe6d9d-3700"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Mon, 26 Jul 2021 08:53:41 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:33 GMT
sf_host.min.js
assets.bilsyndication.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bilsyndication.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2063104
cf-ray
678b55c51d385364-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Sat, 10 Jul 2021 03:37:29 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
content-encoding
gzip
server
Server
age
268
etag
f8520ea4ebd91256d6b4f461d472242a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Tue, 03 Aug 2021 00:08:06 GMT
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
K0g0QoxHVRvAOobRz4v84QoHgexX91S9wCO68yfxBUAL9tDhIQt3TQ==
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://m.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Tue, 03 Aug 2021 00:12:33 GMT
access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://m.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Tue, 03 Aug 2021 00:12:33 GMT
access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
26651
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 01 Jul 2021 22:05:10 GMT
server
AmazonS3
date
Mon, 02 Aug 2021 16:48:23 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
oHvZbTYzW90z5rP4L-vA1LWANvo3Hq5fT41jaKesEzGFjaTCF3sYjQ==
config
c.amazon-adsystem.com/cdn/prod/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fm.creaders.net%2Fnews&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 20:28:04 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
server
Server
age
13469
x-cache
Hit from cloudfront
access-control-allow-origin
https://m.creaders.net
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
YgGttLulh7tNikj3K4TkSiJc8Aekrff4PmlyNg2nznSOCVBqqIbkAA==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210803
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62290156a07fc7cfde54501840f4b04fcc9561d8d9ccb0e725b269b78e00fe44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
32530
x-jsd-version
1.0.1057
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
948
etag
W/"69f-CcHxbwzDRPXildaUwMHfUSO6Gq8"
x-served-by
cache-fra19177-FRA
x-jsd-version-type
version
date
Tue, 03 Aug 2021 00:12:33 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
prebid
prebid.ad.smaato.net/oapi/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://m.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Tue, 03 Aug 2021 00:12:33 GMT
X-SMT-SessionId
14c5206c-ec98-4857-b330-c4a799559c69
prebid
prebid.ad.smaato.net/oapi/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://m.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Tue, 03 Aug 2021 00:12:33 GMT
X-SMT-SessionId
c19d2e92-972e-4ee3-9bc2-e20952383476
prebid
prebid.ad.smaato.net/oapi/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://m.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Tue, 03 Aug 2021 00:12:33 GMT
X-SMT-SessionId
56a6927e-fb1f-42a7-b08f-10792d24a6e7
prebid
prebid.ad.smaato.net/oapi/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://m.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Tue, 03 Aug 2021 00:12:33 GMT
X-SMT-SessionId
667cab5f-284b-4aa7-a209-c844aad809f1
prebid
prebid.ad.smaato.net/oapi/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://m.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Tue, 03 Aug 2021 00:12:33 GMT
X-SMT-SessionId
c7dca83f-5054-499a-844b-5e5107825ab4
unruly_prebid
targeting.unrulymedia.com/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://m.creaders.net
pragma
no-cache
date
Tue, 03 Aug 2021 00:12:33 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://m.creaders.net
pragma
no-cache
date
Tue, 03 Aug 2021 00:12:33 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
ROS
ads.us.e-planning.net/hb/1/2c995/1/m.creaders.net/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/m.creaders.net/ROS?rnd=0.326071275800925&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fm.creaders.net%2Fnews&pbv=5.5.0&ncb=1&vs=F...
  • https://ads.us.e-planning.net/hb/1/2c995/1/m.creaders.net/ROS?ct=1&r=pbjs&rnd=0.326071275800925&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fm.creaders.net%2Fnews&pbv=5.5.0&...
494 B
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/m.creaders.net/ROS?ct=1&r=pbjs&rnd=0.326071275800925&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fm.creaders.net%2Fnews&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fm.creaders.net%2Fnews&gdpr=1&gdprcs=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
338dfc3ffc84dfdc9df995e508fcaf1a15777cffd4be395120828493d455a82d

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://m.creaders.net
expires
Tue, 03 Aug 2021 00:12:33 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
494
x-sid
AMS-602

Redirect headers

date
Tue, 03 Aug 2021 00:12:33 GMT
server
openresty
access-control-allow-origin
https://m.creaders.net
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/m.creaders.net/ROS?ct=1&r=pbjs&rnd=0.326071275800925&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Fm.creaders.net%2Fnews&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fm.creaders.net%2Fnews&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-602
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
date
Tue, 03 Aug 2021 00:12:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=25272708496
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
date
Tue, 03 Aug 2021 00:12:32 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs-simple.com/ut/v3/ 		255 B
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4684e513c977616547f2ac8198467b9bae9f65f5fb4fd8c963626e85f2d9810d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:33 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid
f1fc360a-28f7-412a-9921-9dd9f27c73c9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
255
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3c46f80069&cmd=bid&secure=1&gdpr=1
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
a1ddbccb365daed46e9ca111f287c4f35497b03e7003cf1e55f13fd8e3637e72

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 03 Aug 2021 00:12:33 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://m.creaders.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
quantumdex
useast.quantumdex.io/auction/ 		0
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://m.creaders.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P221d3f4erL8S%2Fb7Q6sOh%2BjqqejevDeukgs%2Fl7b8uQLBB8LlEautLASc9vC0XHAsysi6BBLgKqyPygVMfqCjWsD89ZslTVylLTrutxaFT1VQndNLSP%2FCNfQA82UQxTKUqDPIbmOj6wEuVDes2W6Qo68E"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
678b55c6c9c5c2d6-FRA
prebid
ib.adnxs-simple.com/ut/v3/ 		261 B
948 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
88562af634ddc583a31996ccea617ae7dd4035eaf4116e579d939643d690a077
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:33 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid
924987f7-0b80-47db-9b6c-356a2e1af86f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
261
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
date
Tue, 03 Aug 2021 00:12:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
133
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
date
Tue, 03 Aug 2021 00:12:33 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cygnus
htlb.casalemedia.com/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223451cf7b0884d95%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fm.creaders.net%2Fnews%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2235c3fa628c5e5a6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22250x250%22%7D%7D%2C%7B%22w%22%3A200%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22200x200%22%7D%7D%2C%7B%22w%22%3A180%2C%22h%22%3A150%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22180x150%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
312e3648f242c78cd6f00047b4491c33b964ea369575d39b924d14bbf34f3b9a

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[SE], RC:[AB], CN:[EU], CIP:[37.120.209.212], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://m.creaders.net
x-cs-client-geo
10
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
10
expires
Tue, 03 Aug 2021 00:12:33 GMT
cygnus
htlb.casalemedia.com/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%223451cf7b0884d95%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fm.creaders.net%2Fnews%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236f115f6c6414cd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22300x168%22%7D%2C%22video%22%3A%7B%22maxduration%22%3A120%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22playerSize%22%3A%5B%5B300%2C168%5D%5D%2C%22placement%22%3A4%2C%22w%22%3A300%2C%22h%22%3A168%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
312e3648f242c78cd6f00047b4491c33b964ea369575d39b924d14bbf34f3b9a

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:33 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[SE], RC:[AB], CN:[EU], CIP:[37.120.209.212], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://m.creaders.net
x-cs-client-geo
10
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
10
expires
Tue, 03 Aug 2021 00:12:33 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fm.creaders.net%2Fnews&pid=88ceCSf4bnzyf&cb=0&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C279%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
6lbpysZa-h9U49FOg6yZZrtywKx3GAiU19YrrUCa-CZYcGLeB-hwfA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fm.creaders.net%2Fnews&pid=88ceCSf4bnzyf&cb=1&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22Amazon%22%7D%5D&cfgv=0&schain=1.0%2C1!interdogmedia.com%2C279%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:33 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
N4KhzAcatrPa8VS862zCIDqPgSA8P5RuShxc8Jq6CZKpCRX_q5s2iQ==
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3c46f80069&cmd=bid&secure=1&gdpr=1
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
2552b28a99ec5e0b1e46cdd2f9c989abd7ea21f8c4a03b16c25e3b3ced2771f7

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 03 Aug 2021 00:12:34 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://m.creaders.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
prebid.ad.smaato.net/oapi/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://m.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Tue, 03 Aug 2021 00:12:33 GMT
X-SMT-SessionId
b2e418ca-00e8-4f0c-b3d1-c5ffdc186e2b
prebid
prebid.ad.smaato.net/oapi/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://m.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Tue, 03 Aug 2021 00:12:33 GMT
X-SMT-SessionId
a6009307-643f-4884-9688-9c271a6c2e4a
prebid
prebid.ad.smaato.net/oapi/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://m.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Tue, 03 Aug 2021 00:12:33 GMT
X-SMT-SessionId
36e89aea-4495-44a1-bf0f-541b41bdd76e
prebid
prebid.ad.smaato.net/oapi/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://m.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Tue, 03 Aug 2021 00:12:33 GMT
X-SMT-SessionId
4f9f14ac-b155-4525-8c7d-1cc172234923
prebid
prebid.ad.smaato.net/oapi/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://m.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Tue, 03 Aug 2021 00:12:33 GMT
X-SMT-SessionId
3c41f876-4690-49ac-bcd7-c5d52b191ada
prebid
prebid.ad.smaato.net/oapi/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.97.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-97-90.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://m.creaders.net
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Server
SOMA
Connection
keep-alive
Date
Tue, 03 Aug 2021 00:12:33 GMT
X-SMT-SessionId
8b7dd6ef-f6d6-445c-900b-6972573521e1
prebid
ib.adnxs-simple.com/ut/v3/ 		262 B
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c85b7499f7382756185eaf0337da3566eea67ec6d6a10557c5e5459a986bb6e5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:34 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid
d767d81d-9a64-45e9-8b83-ecc5b220bbee
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
262
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=42003600353
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
date
Tue, 03 Aug 2021 00:12:33 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
quantumdex
useast.quantumdex.io/auction/ 		0
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Aug 2021 00:12:34 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://m.creaders.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aa3D5xGpqKWPzYKt4pndEll5PlWIoE%2BQrgZ2%2F%2Fsp4OXs0VXck5yS1mD6nrbHezCGe7TPHRQT2AcWRZbY3OnUGfXypc5XYvSCSV1nbIs%2BhBL1%2Fg%2F%2BUkHVrOs9uQ700a6Jx81%2BKdvdbYeGSJZfARUmOSGb"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
678b55c85b3ac2d6-FRA
unruly_prebid
targeting.unrulymedia.com/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://m.creaders.net
pragma
no-cache
date
Tue, 03 Aug 2021 00:12:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://m.creaders.net
pragma
no-cache
date
Tue, 03 Aug 2021 00:12:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
date
Tue, 03 Aug 2021 00:12:33 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
date
Tue, 03 Aug 2021 00:12:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
131
vary
origin, Accept-Encoding
prebid
ib.adnxs-simple.com/ut/v3/ 		262 B
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
627308ed8266245540c081146b61cb73f667d27f155e48476f40e98ec9e78726
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:34 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid
a353c1fa-e27c-43a0-aafc-87f9982429e6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
262
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
date
Tue, 03 Aug 2021 00:12:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227121147f5b990d6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fm.creaders.net%2Fnews%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2272e51602004ee3f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22336x280%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22250x250%22%7D%7D%2C%7B%22w%22%3A200%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22200x200%22%7D%7D%2C%7B%22w%22%3A180%2C%22h%22%3A150%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22180x150%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
951b9d54e85a14f53cd4d47a0580e5917b1b9f8196ba1ec87eed70106f267b33

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:34 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[SE], RC:[AB], CN:[EU], CIP:[37.120.209.212], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://m.creaders.net
x-cs-client-geo
10
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
10
expires
Tue, 03 Aug 2021 00:12:34 GMT
cygnus
htlb.casalemedia.com/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=529072&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%227121147f5b990d6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fm.creaders.net%2Fnews%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A2%2C%22ren%22%3Atrue%2C%22version%22%3A%225.5.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22738302708e00dfd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22529072%22%2C%22sid%22%3A%22336x189%22%7D%2C%22video%22%3A%7B%22maxduration%22%3A120%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22playbackmethod%22%3A%5B6%5D%2C%22playerSize%22%3A%5B%5B336%2C189%5D%5D%2C%22placement%22%3A4%2C%22w%22%3A336%2C%22h%22%3A189%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22279%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
951b9d54e85a14f53cd4d47a0580e5917b1b9f8196ba1ec87eed70106f267b33

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:34 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[SE], RC:[AB], CN:[EU], CIP:[37.120.209.212], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://m.creaders.net
x-cs-client-geo
10
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
10
expires
Tue, 03 Aug 2021 00:12:34 GMT
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/m.creaders.net/ 		494 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/m.creaders.net/ROS?rnd=0.326071275800925&e=300x250_0%3A300x250%2C250x250%2C336x280%2C200x200%2C180x150&ur=https%3A%2F%2Fm.creaders.net%2Fnews&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fm.creaders.net%2Fnews&gdpr=1&gdprcs=
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
338dfc3ffc84dfdc9df995e508fcaf1a15777cffd4be395120828493d455a82d

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Aug 2021 00:12:34 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://m.creaders.net
expires
Tue, 03 Aug 2021 00:12:34 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
494
x-sid
AMS-602
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=m.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Aug 2021 00:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=m.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Aug 2021 00:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		157 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3992119418461726&correlator=255703297023816&output=ldjh&impl=fifs&eid=31062030%2C31062051%2C21068031%2C20211866&vrg=2021072901&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210803&iu_parts=1619040%2CCreaders_M_HP_300x250%2CCreaders_M_HP_300x250_2%2CCreaders_M_HP_300x250_3%2CCreaders_M_1x1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%2C300x250%2C300x250%2C1x1&eri=1&cust_params=hb_domain%3Dcreaders.net%26amznbid%3D1%26amznp%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1627949554&dt=1627949554272&dlt=1627949551793&idt=1839&frm=20&biw=1600&bih=1200&oid=3&adxs=650%2C650%2C650%2C0&adys=1890%2C2666%2C3675%2C17781&adks=3760056785%2C1589377227%2C459273094%2C4057423050&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fm.creaders.net%2Fnews&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x9%7C1600x9%7C1600x9%7C1600x319&msz=300x0%7C300x0%7C300x0%7C0x0&ga_vid=1773041457.1627949554&ga_sid=1627949554&ga_hid=1033629119&ga_fc=false&fws=128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0&btvi=1%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
933f1b4a2a9e6a65b1e070e68c58ea3fce47e3c82ef82718e7ead70cb58cd20a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52135
x-xss-protection
0
google-lineitem-id
-1,-1,-1,4956182603
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,138352644261
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 984A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 03 Aug 2021 00:12:34 GMT
expires
Wed, 03 Aug 2022 00:12:34 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://m.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Tue, 03 Aug 2021 00:12:33 GMT
access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://m.creaders.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Tue, 03 Aug 2021 00:12:33 GMT
access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
container.html
295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C51 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 03 Aug 2021 00:12:34 GMT
expires
Wed, 03 Aug 2022 00:12:34 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627903448373927"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:35 GMT
container.html
295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A945 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 03 Aug 2021 00:12:34 GMT
expires
Wed, 03 Aug 2022 00:12:34 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A60D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 03 Aug 2021 00:12:34 GMT
expires
Wed, 03 Aug 2022 00:12:34 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 4AF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgWeL0yRKnIeKg2vwtUJB5xnW8PY3_6H6SM_Py_WfRWc082KY4CqKmScj2slN3QZe36qnP025-abVOkIfwej7KQrehbnhVVOt4gAzKFfe76zmaJpWa20HB_APMVx1_Cb58qCwsqI65NxBQG13um8nlLlXQULmVD-DKQ4RkjTv1krdWTnGjQrpI1bSYuHo5vq6UCyQvANTUZJMd1U8yW64_YP7OYIplKH1DJjz9ZqFP9R76YkFh31Nw2n4IKlFTO_9-Cm1qKEkMsK-iKshgwcsJ8ZKInWRJjqC9foCWMUyHQ5_Iy5eQrZuOUN33ZI4f30c-g7pOqy6gfEw&sai=AMfl-YTtk7sokhTxCqu4DqY74ds5aOXpfrVkc9_SxsUbmSirjf7jUnFhDrwP-cpSTJM8Un1fBVNCpCZbtRf0F3-O9af7cLlXClpQUU-dFFdGMbKBzylXAB-7o9qz9BGXifP4&sig=Cg0ArKJSzDDayhg1mv_AEAE&urlfix=1&adurl=
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Aug 2021 00:12:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 03 Aug 2021 00:12:35 GMT
spt
tg1.selectmedia.asia/api/adserver/ Frame 4AF7 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=60c21b1576524450f8723437&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eb48ef7f0ddf941f53d17b738f91ee6a89669fc1a4eb93b0ef29abd28a0ca6ef

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
4598
Expires
Tue, 03 Aug 2021 00:17:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4AF7 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627903459924584"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38134
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072901&st=env
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de064ab8cd36768f0460c6403a8e7d705508e908503a7a7108942b8b079fddee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8632
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:35 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CE11 		624 B
995 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNWYNjRMXYqy8X1jj8BlMYlGpBDWdmHoStuMJlRHSPqN_WCt15C01Zfxl1EE7WQWFR01KbRLJqp8XHgL0EWMAWQbLs7w9-lZwzxc8Pbe2mz9C85LFgOYt2uHmgYKc5DYlxO_6dQuoLNNMqw7SbQpmucMHJug9qien4YLBVeEG11wzW3Q2Hw
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNWYNjRMXYqy8X1jj8BlMYlGpBDWdmHoStuMJlRHSPqN_WCt15C01Zfxl1EE7WQWFR01KbRLJqp8XHgL0EWMAWQbLs7w9-lZwzxc8Pbe2mz9C85LFgOYt2uHmgYKc5DYlxO_6dQuoLNNMqw7SbQpmucMHJug9qien4YLBVeEG11wzW3Q2Hw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 03 Aug 2021 00:12:35 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmI5sVH1i7gs5WovpBpYVCCZWz44DiQaHO7kw0dB_6goU6ikhnOL11kwOkX; expires=Sun, 28-Aug-2022 00:12:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 03 Aug 2021 00:12:35 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame 7C51 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7610
x-xss-protection
0
server
cafe
etag
7847795998687576317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Aug 2021 00:01:09 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/elements/html/ Frame 7C51 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 22:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4869
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2627
x-xss-protection
0
server
cafe
etag
17449454297928180344
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 22:51:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7C51 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0bIkjFkMAwnhU9Tj7PphSw8QFpxqjE-5x7jYK0hkl3acF4gzaCXHSkvDrf26QtWPTW1zQIvZjTnyyN1Ekp0pqzRZTjBt8WuRTkMK759Y3WDc9VxULtt8g8MCOtxUdjr7ySzF2oLIxJh7exXAREWDjC_qMsStpeP3f8spfGyCPWRMBFMlMWV63pIOBoCiAbhz0jSeXRWR7AKszPjs2NZcIn2pIHsd_hMHxFuZxH3glk10VAcFCGX4EKta6XNY7S4z76ZGtQE8DfZnIYY_UfyCZV73LF2z7fdClS6aNc8mSJN1oCikxSLS6Aau8nZYITrU_SztDpE_kO1Oj6K-_C4iZgGnp23KJdN1b5l1DeUdne07czjysnzrCAtK6w1d_NByT_omyNRk5_5vV-pDbe-HDelF9MgRbuxcJT8uSGbVQsgJom19JJGF_WG2VWKzyfvOCbh9Dtv88ZBtoLVfavYxixO_OltGg-Pjnx0H4_ELWjZMLrddee2dJuyJVL_7Rt6gPfpS0oApJQTIYNLvsJJVu154k3sXFbP4VeZriHBj0FTNyBVfVWajNd9M0dTkgqHZgSSRH-wa00vJigRpSvpJDKxhlNHldHSL8HlT62BYBrq-DphrWJijaTq3Kt6221v6lARqkVMFs3Z-xZVQSF3-dlMoyj8lwmEMVzrSN9eF8_vytkxIlBe7wXJOCzkW-XiTvk9Rsa48K0fYeopAoivyBMi3dI8GPlD2gfaLgz63zUmHCPyFoqJkSOdK8ADU51k5Tr9Wyg9j-axC3Shcv8K3DY3LHbXARNbQOTBCHxWjHdo99aCSFdqOFZAV5PmLt3ST2EfNcD0g-4HlkbVL-dL2N59I90VRj_FEAlWhQENSCYRid3lbhJo0zspfGSAlIR-xHjZwoNMiKg7-0NOlLTs1Chvo14mh9Gt44o__STe0BHulMc4QqcCAIsxjVv2ozzjh51FRPA1pj3VXqorNRIZaPXuWdFfBPha3n8EdeCYi5wNveapfMsY-o6EpcHMcItTk7F89Jl9ZPjm63Ph7Y7x7aLoqSgiFANodJjxNg2bqmYDa0TIyiU57R-zj6mqKuk9mVhiq5PoR0XUwqmqCIs0zmwNtR3RkjTuvy4b5a5Yh9n7GUCdZH&sai=AMfl-YQXVD6cluX0a6VE3_ZiGsnP6lzRFUkRp9Q-J-7cqbjsgrc1eLUQR3W4z8EdVo1O2cBS5dqU8B5XlVhgMuHMdiL7kanuI04fCecEJPpBeagt3gOF2jjxdaZ5PkUX6dTvu_dWzFFAaetcbrzUZc1DuuJmYBHIj9W-ePszDsR-XA4pB7R3hsJO15jRolxXaOCZFWcMfzfr0WzOViZ-adAUfx4CNgTw6_eMe9N5WJqyXL29rUveoJXECvTqKL-MuHQNbwydhAOR8Hrn-L0lAR_zmFS0fftpA8Z9LGo_KjtbdNU8HMLjhHkJTMcQmmEMm3FJZIqCJkahcLyx-taLuktZ37devz5nZwfeZ3t4K8YI0M5nl5Z9gpR4QBPTY-aUvGxEKAZJG5oj&sig=Cg0ArKJSzPSvikC6u4gvEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210729.45067&adurl=
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 03 Aug 2021 00:12:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7C51 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 06:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 06:32:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C51 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0dkRG8P3ASOWA6nSpVod6igUJVtLJlC0ObUkgn-BHNkuLBZxrSarI4SK_gg1pRqxLimP6iUv9e0Ghdn6uN3dy-eW-1STyHwyg4tgmMCNisUROVx4
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 7C51 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 23:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 23:57:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7C51 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627903459924584"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38134
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 7C51 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
11055049251678278959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Aug 2021 00:08:17 GMT
l
www.google.com/ads/measurement/ Frame 7C51 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRV9V3nofpoK1GfvpWd7pY_60li1YrTq3oHeXQ1vUHYSHMJ1jqV5BT34TE_v_HZ5QJuOZSg9BQDIxJ7WImVVXI6OMlnw
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
11599728045389163494
s0.2mdn.net/simgad/ Frame 7C51 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11599728045389163494
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4167815fe9f5c51ef807be10a1677c9a743ee4653190d9d6a1f4f7723b95c4bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:44:20 GMT
x-content-type-options
nosniff
age
48495
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86123
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 09:14:43 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 10:44:20 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DC6F 		624 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNXhtpGwHwCuFhI_1d9D9aWW1SUzryVnngD5ZEhBIA6gQ5NJICkJOK1C8kjLqaqAy8l_3cevWJKTQNQhcn8g-lM7mt81zHPoyd8KT8t7-fooKigKBTsQJFIefkh0J2Xz-U9pNe0OrImYjugr2EYpQkwptOxFarHD35ucMy906bT3yHF8ezc
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNXhtpGwHwCuFhI_1d9D9aWW1SUzryVnngD5ZEhBIA6gQ5NJICkJOK1C8kjLqaqAy8l_3cevWJKTQNQhcn8g-lM7mt81zHPoyd8KT8t7-fooKigKBTsQJFIefkh0J2Xz-U9pNe0OrImYjugr2EYpQkwptOxFarHD35ucMy906bT3yHF8ezc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 03 Aug 2021 00:12:35 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnUdmuy4Z51bB3vwlvYn5CQajjFAGsZZA7P92KjsyENmxxfyBCA795_ZRiJ; expires=Sun, 28-Aug-2022 00:12:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 03 Aug 2021 00:12:35 GMT
11599728045389163494
s0.2mdn.net/simgad/ Frame A945 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11599728045389163494
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4167815fe9f5c51ef807be10a1677c9a743ee4653190d9d6a1f4f7723b95c4bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:44:20 GMT
x-content-type-options
nosniff
age
48495
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86123
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 09:14:43 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 10:44:20 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame A945 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7610
x-xss-protection
0
server
cafe
etag
7847795998687576317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Aug 2021 00:01:09 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/elements/html/ Frame A945 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 22:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4869
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2627
x-xss-protection
0
server
cafe
etag
17449454297928180344
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 22:51:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A945 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmORSRoPC5lUayo1qFFNPSN9yMVofhl5PhPT2ShQzXs5jYkKB2ukUuyhDM99xvBFFwP2Z8vsN1it0oclbvgcEv24a0O3nTMEmX5OJp9UlYqbIlJMQ4CZgo1qcar7eCJ2Z07iX_a89hK5XOoTyzHd1rS13qydvSOQ9zL0a3rWY2zusevm92Drauk0A3Djr0GBCJs7J3VU8to93anQe8JpIKfm0kxBj6l-1fz8AL8CWFfPUNLIbQJE74teiqzcpVDdJdxrPykASxrn2VNt9go7s297nQXBj_N3IF-Sz35XxLWzPOTfsxiLjnE8PZWkRUVQBPeeUhFr2fN-r4JsitW6UTI3iB7zOyvXhUpJRc42IOnQCJrWH4jVdSLOnPdl3XUNwp_dkjgU4Xs4Mf2uXMmAd5SF8zcs03OWqqgHtuoYii_167MAv5Rc4xpYAAu1CBh3W3OCYFwnL0rAsGEPY8fPJdEsepqpiELXjIQTvHpHAzlH-KJKSQ0HtwrG2VMwr5Ly4jQCQM8H746HVqkJoS3j8sfJB6PYYmyi108e-WIqdJBb8NM5NHjK4jS_yyPihNGvbgUiuLVkemhDzEepFuA-Vh_Iw3pen9VBuI7vPXuetKQgPcoZ3SdU2qRHTxHcIMkrmOWmMyRF0kDQJOve-NYyFhsz8pSzpwwV9Iv_tR5zLmjWRoemSDLKJ55aSLuXjLMbN4QzfxVo9Y0932KE10zn7VBntGO73k9uz1pPlilRb64dO0F7g0ZNd4WQakP9FRT2C8hLLJckWXN0QMHZHztNOJxRwmnzKNQYoxj649vw7eZSwwgtsaNK1YzB3At3uoWgjO8DticK8ToQceO02B3glE3siUJsTlpZ54Q2BOGfuqVPYaS5mUzcwui6qjJzbcGaHIrzAzy0zRGUmVpVgFJG20t4B8RhJ-cxTLfUWBw4zgNfLAveDd9UAp7Iy_gu8UPFP0LCUAdMoVVi6WY7D98OzBz-k3niJYvLr8AIuwv3pmwuCq29TyqD8lHi4WzNEGlKy08ewnEPzfMd1fHflYU17bEL4-P_DkeTq8BMfuShGjiqfO9UBvjb0J0QkxZC4-SiLc0AcfiDACW90GNBKxYCYcZO05ziE4aIaN4r8R1WlueLsc79qr2Z26Nw&sai=AMfl-YTsHJ8VUjXW2EpdQDHY49nNEqZH332TRA4bkmqgE-kKCiWa2AzF_9E9molZXLNB2FARDKWzct7TYnVvcywz2e8d4jS5dlaCiiPgYZu2LMjUb4oby_vINBV75xLcbzwqXG57VspDpJUTvgaqTOHjZvW6w-jU5RUteG8J58jV1uZ1eWq3r8pAH8KNV5PMpCQdh-kcl17J_sKTUEDTf9ZVex9j34d4KMmTuuBHBS1ke8p9fM8rOigDSSzE3Gyoic0OzB2onV_v8T7YzvWJw3f8oYD4DubD3spw4AKZbpdWFB0SWtPglU9VzEHiZNI0ndNgc74nV5wAZcGpMUi7yssPcChthOZR3vGIAbLQJc7C2ghYYa49phiiN2nSyiRs4H0udRS9-6Ld&sig=Cg0ArKJSzE6zAGmqW5JSEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210729.01906&adurl=
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 03 Aug 2021 00:12:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A945 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 06:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 06:32:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A945 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Anzyy8OHT1AiWturEkPbBtau1IGQIP5Y14EBpnniVCTUrGiRLJs4y9SUMGJIcrRSKhXIdCQbVlw-ZN2yZOz4L1-FqSavAxfqe9p4IfsKpfdGlTg_k
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame A945 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 23:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 23:57:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A945 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627903459924584"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38134
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame A945 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
11055049251678278959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Aug 2021 00:08:17 GMT
l
www.google.com/ads/measurement/ Frame A945 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzGWvE9Vn5u3xsSsaHlT-n_sR6cokIgQe4QmJIiOI0e38k8E0iPGof55255zsFbpr8i6npSdvRSbDkIuxbEzTi9-IQDg
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 4AF7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5912b60ea081dc4d4126db35fa2d560b0f7fbfc5e99bb928645cbbfca19ceda1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame FAA5 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNV6xbJhe2FgCyXSOEojDC4tzyO_XvXjpWKhsbQq-FF9fVRWKC5zfweON981Q5IGI1nnpak_qq9KSSLYYo0G3LVMdhhg12CBwdHhLAswE8jIUpa5n03b9kJ-fhyiQ-0sLCmPeCKKK2wCTqjZ0qQLRL8VhKyRaUb01l4zPaIJ-hjzFe5jUZ8
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNV6xbJhe2FgCyXSOEojDC4tzyO_XvXjpWKhsbQq-FF9fVRWKC5zfweON981Q5IGI1nnpak_qq9KSSLYYo0G3LVMdhhg12CBwdHhLAswE8jIUpa5n03b9kJ-fhyiQ-0sLCmPeCKKK2wCTqjZ0qQLRL8VhKyRaUb01l4zPaIJ-hjzFe5jUZ8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnUdmuy4Z51bB3vwlvYn5CQajjFAGsZZA7P92KjsyENmxxfyBCA795_ZRiJ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 03 Aug 2021 00:12:35 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
11599728045389163494
s0.2mdn.net/simgad/ Frame A60D 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11599728045389163494
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4167815fe9f5c51ef807be10a1677c9a743ee4653190d9d6a1f4f7723b95c4bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 10:44:20 GMT
x-content-type-options
nosniff
age
48495
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86123
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 09:14:43 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 10:44:20 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame A60D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7610
x-xss-protection
0
server
cafe
etag
7847795998687576317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Aug 2021 00:01:09 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/elements/html/ Frame A60D 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210729/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 22:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4869
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2627
x-xss-protection
0
server
cafe
etag
17449454297928180344
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 22:51:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A60D 		0
107 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaUvv-1wlFxSye-SpWdCiWKp53ldjx9WoTW3iW8LlPJIHcg-NdZzGSX4p_re3oI_tMMy18s4lxuJ9GDDg_t-O-Ynny_w02ojjCiFkxxT_Ztf5aHykc_I6K5U4hqx018yFSPbtzkz6-VBlgAdmKAfz748x8DbIXzZsEyGRDbyQnnLaaEbLVuu8v-uQ3F7WmP3YGllZvO3K_Rp5lQ2P_pfgzKBqRPikdzPPrDJEwWPz-jBGC-0ZX9eKpzIHe14dMwr4R7nIPFVRMWVwqJUF4yXh2m9U5olEU7-iHuaS-6GSJJBoLErzYEpoEXo-g0pJUIWZU1XEV18L62y4pdkS5t_PfN7Hn05am6OrMwIwxxyI1qW924UqyFN8ihHdjfJZSYAX0jWtd6V2hOtYi0JSjCEKgTbPLVzXOLY805QoT3K-d6w_pj1j0xVOetRK6xV1dOGjKwLmx1TZCsmhbSYGlTj5lsdTNFaHmGKFZDbFo6pxQ5lA3HYRnKKzB4Vhhgwnb2UMtSNGhopU3VeqyM_AdVxOi9Du3nPl2LVesUuwchXdrOj-sZVi-gIF5tt2ntFw0G-Yd55mW5iOlxCa0_dFg9fXJU6glnOrviXiJjMsNRr62fgJZ43Fp7pj2XJzHiAAp06tp0QGIZzdtc7ffaXM43cojXOL7fmuKCFC_ki-clmMD9GN3_FWgSEYOL7PE4zwmnNbOTtrU3Yw3zFFt-v76kX278BwE9t_DGSK6fALpgE30H5i4U-MutqaaJ-VkIN8KR4HpW71xAhlE5jsBVseCP1G-7Q1PH5zi456fj9p1avc4z_ECjWYaJAHCXkGKYGH_YEqzSliXxY0Mp0xS2EYv_gjU5OtZ9bc-aSx3Zt3Ezj_NJIFdJAj6SGALkpjrsz-XmzI5zDwfGVb6gLwcHhfhx2tNPX9rG0rEA8AQ6JYLr4xeDvBA-dwgB_0kHGOEsQv26pqWw3YhOI1Eb5SOmZ-mDEo-pOkkcLI8uAMlN9e-HQRJ5WPceurNaxSyAYCZP3MUiA1eintDUeJNLnW6V3hEhgiavuvsYfKN1Ni_SKfePYqGz3NXVV9kmn7NMPgqgSelfqLB8-Ij_vNHdcB2UhdlDZ2OM702PL8kT7YojQmJJrWlQZShc6e6a5KTJw&sai=AMfl-YTgX2V7j11PRVYNCx7P4OjFZlU8Pn7JU49jvp0HFhNyq85hkv4CWvcjd8F0yt5pkXqqYhOYChFw_15RgyFX2kedCaA26PqpaiUa0fnYi56DP9ZEZ8S-sA2SX_vXcUEJ99DkWGfFVrNoZlejcElUWAB7GDzep7DqbcvCBdx2crsXFtTZ-8maydeVAJloGBKd3oObgDMtrSpXKmOA0lH_WzhWm_6CCVUi2gHdCVA4ZOzR-Flv6W2Tz6of6MpwJGg4dhQe8HUKt_TBmJ3qFl005WZoicKL3zn5UqtwiAD1bymGYqHFbJp7JZNMosQyf17X1LYmJuHs-S3PVdmC6abADPlH1U6Uns9mVG5_zpm6K3iLx5gvO-t8swJBXXFv-5NIaxvIIZFg&sig=Cg0ArKJSzBd_lvQOCRemEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210729.08103&adurl=
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 03 Aug 2021 00:12:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A60D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 06:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 06:32:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A60D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BVFUZP4Mg4z01OlsG6cJid74yBNmXNI0vW-TIG5i8tgU-YT377bUkWDNP-kGb-kJd4VjjQ3r_UU1hgZjrB01tlXnfRJfU96sC6hZ-Zq50iC6a3s04
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame A60D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 23:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Aug 2021 23:57:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A60D 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627903459924584"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38134
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame A60D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
11055049251678278959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Aug 2021 00:08:17 GMT
l
www.google.com/ads/measurement/ Frame A60D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQj0yAJxO7ZiAj8nmunexmmra5S_-J4xrS2fQAYYZSycvmKG0ysOdYmzB5_q3Bdk6CNmzQ3O57GSdyYzUJedygx1IsGIA
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
player.js
player.selectmedia.asia/script/6.1/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.selectmedia.asia/script/6.1/player.js
Requested by
Host: tg1.selectmedia.asia
URL: https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=60c21b1576524450f8723437&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5b2a765691b3e18c0d36da2361a9ee5023df284a154d55cb963550f841134955

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:35 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycdsNET7i4JI8K36etCcm3YY-M2ehmBml2j8x2d868NOCetFKAc8RNwEqTroAq9-XCxyQTIN_Q-xhKE6ZjBy2yDs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
9181
Last-Modified
Tue, 27 Jul 2021 06:27:42 GMT
Server
UploadServer
ETag
"8e5cea0431b13a375029a3731b973ac7"
Vary
Accept-Encoding
x-goog-hash
crc32c=6IVVmA==, md5=jlzqBDGxOjdQKaNzG5c6xw==
Content-Language
en
Access-Control-Allow-Origin
*
x-goog-generation
1627367262813930
Access-Control-Expose-Headers
Content-Type
Cache-Control
no-transform, max-age=300
x-goog-stored-content-length
9181
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Tue, 03 Aug 2021 00:17:35 GMT
track
track1.aniview.com/ Frame 4AF7 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5c5bf265073ef44dbb3483fb&cid=60c21a7dd47c7876191f3a27&cb=1627949555188&r=m.creaders.net&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&e=playerLoaded
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 722C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 02 Aug 2021 20:05:51 GMT
expires
Tue, 02 Aug 2022 20:05:51 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
14804
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B92E 		783 B
529 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8e5183861467c8b45fb88cc8faf938f35da862db8027e40b7058d9c0b3a55e80
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dpnEuHebPcqt9f3EiNWqgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

expires
Tue, 03 Aug 2021 00:12:35 GMT
date
Tue, 03 Aug 2021 00:12:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-dpnEuHebPcqt9f3EiNWqgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E43D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 02 Aug 2021 06:32:03 GMT
expires
Tue, 02 Aug 2022 06:32:03 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
63632
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C51 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BkwAK8okIYdHwFZTz3gP2p5XYBwAAAAA4AeAEAg
Requested by
Host: 295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
URL: https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E042 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 02 Aug 2021 06:32:03 GMT
expires
Tue, 02 Aug 2022 06:32:03 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
63632
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 7C51 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0bIkjFkMAwnhU9Tj7PphSw8QFpxqjE-5x7jYK0hkl3acF4gzaCXHSkvDrf26QtWPTW1zQIvZjTnyyN1Ekp0pqzRZTjBt8WuRTkMK759Y3WDc9VxULtt8g8MCOtxUdjr7ySzF2oLIxJh7exXAREWDjC_qMsStpeP3f8spfGyCPWRMBFMlMWV63pIOBoCiAbhz0jSeXRWR7AKszPjs2NZcIn2pIHsd_hMHxFuZxH3glk10VAcFCGX4EKta6XNY7S4z76ZGtQE8DfZnIYY_UfyCZV73LF2z7fdClS6aNc8mSJN1oCikxSLS6Aau8nZYITrU_SztDpE_kO1Oj6K-_C4iZgGnp23KJdN1b5l1DeUdne07czjysnzrCAtK6w1d_NByT_omyNRk5_5vV-pDbe-HDelF9MgRbuxcJT8uSGbVQsgJom19JJGF_WG2VWKzyfvOCbh9Dtv88ZBtoLVfavYxixO_OltGg-Pjnx0H4_ELWjZMLrddee2dJuyJVL_7Rt6gPfpS0oApJQTIYNLvsJJVu154k3sXFbP4VeZriHBj0FTNyBVfVWajNd9M0dTkgqHZgSSRH-wa00vJigRpSvpJDKxhlNHldHSL8HlT62BYBrq-DphrWJijaTq3Kt6221v6lARqkVMFs3Z-xZVQSF3-dlMoyj8lwmEMVzrSN9eF8_vytkxIlBe7wXJOCzkW-XiTvk9Rsa48K0fYeopAoivyBMi3dI8GPlD2gfaLgz63zUmHCPyFoqJkSOdK8ADU51k5Tr9Wyg9j-axC3Shcv8K3DY3LHbXARNbQOTBCHxWjHdo99aCSFdqOFZAV5PmLt3ST2EfNcD0g-4HlkbVL-dL2N59I90VRj_FEAlWhQENSCYRid3lbhJo0zspfGSAlIR-xHjZwoNMiKg7-0NOlLTs1Chvo14mh9Gt44o__STe0BHulMc4QqcCAIsxjVv2ozzjh51FRPA1pj3VXqorNRIZaPXuWdFfBPha3n8EdeCYi5wNveapfMsY-o6EpcHMcItTk7F89Jl9ZPjm63Ph7Y7x7aLoqSgiFANodJjxNg2bqmYDa0TIyiU57R-zj6mqKuk9mVhiq5PoR0XUwqmqCIs0zmwNtR3RkjTuvy4b5a5Yh9n7GUCdZH&sai=AMfl-YQXVD6cluX0a6VE3_ZiGsnP6lzRFUkRp9Q-J-7cqbjsgrc1eLUQR3W4z8EdVo1O2cBS5dqU8B5XlVhgMuHMdiL7kanuI04fCecEJPpBeagt3gOF2jjxdaZ5PkUX6dTvu_dWzFFAaetcbrzUZc1DuuJmYBHIj9W-ePszDsR-XA4pB7R3hsJO15jRolxXaOCZFWcMfzfr0WzOViZ-adAUfx4CNgTw6_eMe9N5WJqyXL29rUveoJXECvTqKL-MuHQNbwydhAOR8Hrn-L0lAR_zmFS0fftpA8Z9LGo_KjtbdNU8HMLjhHkJTMcQmmEMm3FJZIqCJkahcLyx-taLuktZ37devz5nZwfeZ3t4K8YI0M5nl5Z9gpR4QBPTY-aUvGxEKAZJG5oj&sig=Cg0ArKJSzPSvikC6u4gvEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=108&vt=11&dtpt=108&dett=2&cstd=0&cisv=r20210729.45067&adurl=
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 03 Aug 2021 00:12:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame A945 		0
545 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmORSRoPC5lUayo1qFFNPSN9yMVofhl5PhPT2ShQzXs5jYkKB2ukUuyhDM99xvBFFwP2Z8vsN1it0oclbvgcEv24a0O3nTMEmX5OJp9UlYqbIlJMQ4CZgo1qcar7eCJ2Z07iX_a89hK5XOoTyzHd1rS13qydvSOQ9zL0a3rWY2zusevm92Drauk0A3Djr0GBCJs7J3VU8to93anQe8JpIKfm0kxBj6l-1fz8AL8CWFfPUNLIbQJE74teiqzcpVDdJdxrPykASxrn2VNt9go7s297nQXBj_N3IF-Sz35XxLWzPOTfsxiLjnE8PZWkRUVQBPeeUhFr2fN-r4JsitW6UTI3iB7zOyvXhUpJRc42IOnQCJrWH4jVdSLOnPdl3XUNwp_dkjgU4Xs4Mf2uXMmAd5SF8zcs03OWqqgHtuoYii_167MAv5Rc4xpYAAu1CBh3W3OCYFwnL0rAsGEPY8fPJdEsepqpiELXjIQTvHpHAzlH-KJKSQ0HtwrG2VMwr5Ly4jQCQM8H746HVqkJoS3j8sfJB6PYYmyi108e-WIqdJBb8NM5NHjK4jS_yyPihNGvbgUiuLVkemhDzEepFuA-Vh_Iw3pen9VBuI7vPXuetKQgPcoZ3SdU2qRHTxHcIMkrmOWmMyRF0kDQJOve-NYyFhsz8pSzpwwV9Iv_tR5zLmjWRoemSDLKJ55aSLuXjLMbN4QzfxVo9Y0932KE10zn7VBntGO73k9uz1pPlilRb64dO0F7g0ZNd4WQakP9FRT2C8hLLJckWXN0QMHZHztNOJxRwmnzKNQYoxj649vw7eZSwwgtsaNK1YzB3At3uoWgjO8DticK8ToQceO02B3glE3siUJsTlpZ54Q2BOGfuqVPYaS5mUzcwui6qjJzbcGaHIrzAzy0zRGUmVpVgFJG20t4B8RhJ-cxTLfUWBw4zgNfLAveDd9UAp7Iy_gu8UPFP0LCUAdMoVVi6WY7D98OzBz-k3niJYvLr8AIuwv3pmwuCq29TyqD8lHi4WzNEGlKy08ewnEPzfMd1fHflYU17bEL4-P_DkeTq8BMfuShGjiqfO9UBvjb0J0QkxZC4-SiLc0AcfiDACW90GNBKxYCYcZO05ziE4aIaN4r8R1WlueLsc79qr2Z26Nw&sai=AMfl-YTsHJ8VUjXW2EpdQDHY49nNEqZH332TRA4bkmqgE-kKCiWa2AzF_9E9molZXLNB2FARDKWzct7TYnVvcywz2e8d4jS5dlaCiiPgYZu2LMjUb4oby_vINBV75xLcbzwqXG57VspDpJUTvgaqTOHjZvW6w-jU5RUteG8J58jV1uZ1eWq3r8pAH8KNV5PMpCQdh-kcl17J_sKTUEDTf9ZVex9j34d4KMmTuuBHBS1ke8p9fM8rOigDSSzE3Gyoic0OzB2onV_v8T7YzvWJw3f8oYD4DubD3spw4AKZbpdWFB0SWtPglU9VzEHiZNI0ndNgc74nV5wAZcGpMUi7yssPcChthOZR3vGIAbLQJc7C2ghYYa49phiiN2nSyiRs4H0udRS9-6Ld&sig=Cg0ArKJSzE6zAGmqW5JSEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=101&vt=11&dtpt=101&dett=2&cstd=0&cisv=r20210729.01906&adurl=
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 03 Aug 2021 00:12:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 7C51 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e7e21694a4375d38b1c03f93e628613a9b92e19c7bf385022eb67b958fcd497

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A945 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7364e5e973e81c591f0867212a2732e476b633c40c69f97912b5c6d2b7daa9b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame CE11
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1&C=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNWYNjRMXYqy8X1jj8BlMYlGpBDWdmHoStuMJlRHSPqN_WCt15C01Zfxl1EE7WQWFR01KbRLJqp8XHgL0EWMAWQbLs7w9-lZwzxc8Pbe2mz9C85LFgOYt2uHmgYKc5DYlxO_6dQuoLNNMqw7SbQpmucMHJug9qien4YLBVeEG11wzW3Q2Hw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:35 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Tue, 03 Aug 2021 00:12:35 GMT
rum
dsum-sec.casalemedia.com/ Frame CE11
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQiJ8ypaTdtnMWUKFIFXfgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNWYNjRMXYqy8X1jj8BlMYlGpBDWdmHoStuMJlRHSPqN_WCt15C01Zfxl1EE7WQWFR01KbRLJqp8XHgL0EWMAWQbLs7w9-lZwzxc8Pbe2mz9C85LFgOYt2uHmgYKc5DYlxO_6dQuoLNNMqw7SbQpmucMHJug9qien4YLBVeEG11wzW3Q2Hw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:35 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame CE11
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDlIELKFoC6MGCaYNR-s5ow&google_cver=1
43 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDlIELKFoC6MGCaYNR-s5ow&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNWYNjRMXYqy8X1jj8BlMYlGpBDWdmHoStuMJlRHSPqN_WCt15C01Zfxl1EE7WQWFR01KbRLJqp8XHgL0EWMAWQbLs7w9-lZwzxc8Pbe2mz9C85LFgOYt2uHmgYKc5DYlxO_6dQuoLNNMqw7SbQpmucMHJug9qien4YLBVeEG11wzW3Q2Hw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:35 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
42a680c8-3303-43cc-926c-42ebc453f9f7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDlIELKFoC6MGCaYNR-s5ow&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CE11
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzODY1NjAzMjQ4MjU1MjIy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzODY1NjAzMjQ4MjU1MjIy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNWYNjRMXYqy8X1jj8BlMYlGpBDWdmHoStuMJlRHSPqN_WCt15C01Zfxl1EE7WQWFR01KbRLJqp8XHgL0EWMAWQbLs7w9-lZwzxc8Pbe2mz9C85LFgOYt2uHmgYKc5DYlxO_6dQuoLNNMqw7SbQpmucMHJug9qien4YLBVeEG11wzW3Q2Hw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:35 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
840f6f4f-1484-470b-a7ad-4a69a34b446a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzODY1NjAzMjQ4MjU1MjIy
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DC6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNXhtpGwHwCuFhI_1d9D9aWW1SUzryVnngD5ZEhBIA6gQ5NJICkJOK1C8kjLqaqAy8l_3cevWJKTQNQhcn8g-lM7mt81zHPoyd8KT8t7-fooKigKBTsQJFIefkh0J2Xz-U9pNe0OrImYjugr2EYpQkwptOxFarHD35ucMy906bT3yHF8ezc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:35 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DC6F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQiJ8ypaTdtnMWUKFIFXfgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNXhtpGwHwCuFhI_1d9D9aWW1SUzryVnngD5ZEhBIA6gQ5NJICkJOK1C8kjLqaqAy8l_3cevWJKTQNQhcn8g-lM7mt81zHPoyd8KT8t7-fooKigKBTsQJFIefkh0J2Xz-U9pNe0OrImYjugr2EYpQkwptOxFarHD35ucMy906bT3yHF8ezc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:35 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHVmE1_FszqSwLbwEemtK-8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DC6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDlIELKFoC6MGCaYNR-s5ow&google_cver=1
43 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDlIELKFoC6MGCaYNR-s5ow&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNXhtpGwHwCuFhI_1d9D9aWW1SUzryVnngD5ZEhBIA6gQ5NJICkJOK1C8kjLqaqAy8l_3cevWJKTQNQhcn8g-lM7mt81zHPoyd8KT8t7-fooKigKBTsQJFIefkh0J2Xz-U9pNe0OrImYjugr2EYpQkwptOxFarHD35ucMy906bT3yHF8ezc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:35 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
31e738a5-7711-4031-a631-0a35bac4c3c6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDlIELKFoC6MGCaYNR-s5ow&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DC6F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzODY1NjAzMjQ4MjU1MjIy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzODY1NjAzMjQ4MjU1MjIy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNXhtpGwHwCuFhI_1d9D9aWW1SUzryVnngD5ZEhBIA6gQ5NJICkJOK1C8kjLqaqAy8l_3cevWJKTQNQhcn8g-lM7mt81zHPoyd8KT8t7-fooKigKBTsQJFIefkh0J2Xz-U9pNe0OrImYjugr2EYpQkwptOxFarHD35ucMy906bT3yHF8ezc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:35 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f459340c-4004-4adb-9a56-7b550bc7ef96
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzODY1NjAzMjQ4MjU1MjIy
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 812F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 02 Aug 2021 06:32:03 GMT
expires
Tue, 02 Aug 2022 06:32:03 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
63632
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
px.vliplatform.com/bi/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNreBtUYZB-MtZt-PrAY-MweY-ZKBewtPewZewRrNBZKRmNYBBMBRrtNheRlmNBBUbYMARdzNwqfftkRkjmNBAAbYZA,YZAbYZA,BBUbYMA,YAAbYAA,TMAbTZARwlNhxwdqzoe,ldqqzg,qhhftbxl,ob,jxqfzxdrtb,ekoztg,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,xfkxsn,qdqmgfRwkNRswyNRws0N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJONIOm16HiCMeHeTMSc9Zs%2FNeMp5qNxX%2FxmAD4dz7K0v%2FQM2pNn9Kb33MfU3galGmMS4jSp%2BLCK%2BE29LrWYxTwUuKe3cKKXEflWq34sEHPMh5csW5c4Ez0tUvICQ1WdM5DGQBD2%2BS5JKZucwZ2icg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
678b55d0be380625-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
/
px.vliplatform.com/bi/ 		0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNyATeTKMA-rAUq-PUUy-aYyB-YwrZZKYBqUrARrNBZKRmNYBBMBRrtNheRlmNBBUbTMaRdzNcortgRkjmNBBUbTMaRwlNqhhftbxl,ob,jxqfzxdrtb,hxwdqzoe,ldqqzg,gyzdtroq,qdb,ekoztg,xfkxsnRwkNRswyNRws0N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1REnSLFjsxwRNQAMtmf4Bym49HVD8mqE881V0pde26uh7hI6WeVIf8zTbagKjEVwVrE7SZaLVmRRveHoWd3aeQD0Du5QnblO5NkcIyBlwMebVz2Qy4VnbLRgEYCB7smpjk0LV%2F2bsY9uO9ELf7EyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
678b55d0be3b0625-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
/
px.vliplatform.com/bi/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNUaBaBPKP-waYr-PKyt-Mtwr-ZKwYaPrMPyyKRrNBZKRmNTAPZRrtNheRlmNBAAbYZARdzNwqfftkRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARwlNhxwdqzoe,ldqqzg,qhhftbxl,ob,jxqfzxdrtb,ekoztg,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,xfkxsn,qdqmgfRwkNRswyNRws0N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAHCwEAU9Wm%2B1WmxInkUfba81KzK1GGuTf299YcAbKYZoLKJjeWz5OvGIHmJ6jOUkJumCZgxDAF%2BCVWa4Se%2FHXmNIlrPZFur3%2FTXAA6NyurUsevCCeW9C2BZ2BWFeVSYlF1tmeCATbJQThbh2WMZ0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
678b55d0be3e0625-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
/
px.vliplatform.com/bi/ 		0
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNAMTKUaTM-yart-PTye-aqre-PwqeZAqUPPKURrNBZKRmNTAPZRrtNheRlmNBAAbTUMRdzNcortgRkjmNBAAbTUMRwlNqhhftbxl,ob,jxqfzxdrtb,hxwdqzoe,ldqqzg,gyzdtroq,qdb,ekoztg,xfkxsnRwkNRswyNRws0N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48TLs1ct7KXtFsS5%2BsA9KKB24IuPiGqBaMQkXFcofNlk%2BRgwn%2FKtKYwxCASD7P9dm1qtfA0DSABp0NuhFxzDhKRj%2FcyC2J0y%2FQ%2Fu3jHC4I%2FtxK88AHfqok%2B%2Bj3Mj3cbJ0WUoxlFPzFBjzokeQGJnzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
678b55d0be3d0625-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ Frame 047C 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
68e88c4d757d9560ccd16e542c59d911c68a3eb533c8ea264fa2ff787e13a0b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40771
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:35 GMT
js
www.googletagmanager.com/gtag/ Frame DA2D 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
089ef98e65d91d422c6362c9788c543ac09f64b016f4e92c1d23df83885d5b00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40770
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:35 GMT
truncated
/ Frame A60D 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
233da2b2a1b9c34d46047548a7ac9700898be13fe420719099a13dc7e923206f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame A60D 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaUvv-1wlFxSye-SpWdCiWKp53ldjx9WoTW3iW8LlPJIHcg-NdZzGSX4p_re3oI_tMMy18s4lxuJ9GDDg_t-O-Ynny_w02ojjCiFkxxT_Ztf5aHykc_I6K5U4hqx018yFSPbtzkz6-VBlgAdmKAfz748x8DbIXzZsEyGRDbyQnnLaaEbLVuu8v-uQ3F7WmP3YGllZvO3K_Rp5lQ2P_pfgzKBqRPikdzPPrDJEwWPz-jBGC-0ZX9eKpzIHe14dMwr4R7nIPFVRMWVwqJUF4yXh2m9U5olEU7-iHuaS-6GSJJBoLErzYEpoEXo-g0pJUIWZU1XEV18L62y4pdkS5t_PfN7Hn05am6OrMwIwxxyI1qW924UqyFN8ihHdjfJZSYAX0jWtd6V2hOtYi0JSjCEKgTbPLVzXOLY805QoT3K-d6w_pj1j0xVOetRK6xV1dOGjKwLmx1TZCsmhbSYGlTj5lsdTNFaHmGKFZDbFo6pxQ5lA3HYRnKKzB4Vhhgwnb2UMtSNGhopU3VeqyM_AdVxOi9Du3nPl2LVesUuwchXdrOj-sZVi-gIF5tt2ntFw0G-Yd55mW5iOlxCa0_dFg9fXJU6glnOrviXiJjMsNRr62fgJZ43Fp7pj2XJzHiAAp06tp0QGIZzdtc7ffaXM43cojXOL7fmuKCFC_ki-clmMD9GN3_FWgSEYOL7PE4zwmnNbOTtrU3Yw3zFFt-v76kX278BwE9t_DGSK6fALpgE30H5i4U-MutqaaJ-VkIN8KR4HpW71xAhlE5jsBVseCP1G-7Q1PH5zi456fj9p1avc4z_ECjWYaJAHCXkGKYGH_YEqzSliXxY0Mp0xS2EYv_gjU5OtZ9bc-aSx3Zt3Ezj_NJIFdJAj6SGALkpjrsz-XmzI5zDwfGVb6gLwcHhfhx2tNPX9rG0rEA8AQ6JYLr4xeDvBA-dwgB_0kHGOEsQv26pqWw3YhOI1Eb5SOmZ-mDEo-pOkkcLI8uAMlN9e-HQRJ5WPceurNaxSyAYCZP3MUiA1eintDUeJNLnW6V3hEhgiavuvsYfKN1Ni_SKfePYqGz3NXVV9kmn7NMPgqgSelfqLB8-Ij_vNHdcB2UhdlDZ2OM702PL8kT7YojQmJJrWlQZShc6e6a5KTJw&sai=AMfl-YTgX2V7j11PRVYNCx7P4OjFZlU8Pn7JU49jvp0HFhNyq85hkv4CWvcjd8F0yt5pkXqqYhOYChFw_15RgyFX2kedCaA26PqpaiUa0fnYi56DP9ZEZ8S-sA2SX_vXcUEJ99DkWGfFVrNoZlejcElUWAB7GDzep7DqbcvCBdx2crsXFtTZ-8maydeVAJloGBKd3oObgDMtrSpXKmOA0lH_WzhWm_6CCVUi2gHdCVA4ZOzR-Flv6W2Tz6of6MpwJGg4dhQe8HUKt_TBmJ3qFl005WZoicKL3zn5UqtwiAD1bymGYqHFbJp7JZNMosQyf17X1LYmJuHs-S3PVdmC6abADPlH1U6Uns9mVG5_zpm6K3iLx5gvO-t8swJBXXFv-5NIaxvIIZFg&sig=Cg0ArKJSzBd_lvQOCRemEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=200&vt=11&dtpt=199&dett=2&cstd=0&cisv=r20210729.08103&adurl=
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 03 Aug 2021 00:12:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sd
us-u.openx.net/w/1.0/ Frame FAA5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJsUqneb27KSwgqO3ovbpqo&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJsUqneb27KSwgqO3ovbpqo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNV6xbJhe2FgCyXSOEojDC4tzyO_XvXjpWKhsbQq-FF9fVRWKC5zfweON981Q5IGI1nnpak_qq9KSSLYYo0G3LVMdhhg12CBwdHhLAswE8jIUpa5n03b9kJ-fhyiQ-0sLCmPeCKKK2wCTqjZ0qQLRL8VhKyRaUb01l4zPaIJ-hjzFe5jUZ8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJsUqneb27KSwgqO3ovbpqo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FAA5
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWFlZDE0MWMtMDNiNi0yNWExLWU2NGUtNGYyOGZhYzM2Y2Vl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWFlZDE0MWMtMDNiNi0yNWExLWU2NGUtNGYyOGZhYzM2Y2Vl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNV6xbJhe2FgCyXSOEojDC4tzyO_XvXjpWKhsbQq-FF9fVRWKC5zfweON981Q5IGI1nnpak_qq9KSSLYYo0G3LVMdhhg12CBwdHhLAswE8jIUpa5n03b9kJ-fhyiQ-0sLCmPeCKKK2wCTqjZ0qQLRL8VhKyRaUb01l4zPaIJ-hjzFe5jUZ8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
gzip
server
OXGW/16.211.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWFlZDE0MWMtMDNiNi0yNWExLWU2NGUtNGYyOGZhYzM2Y2Vl
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame FAA5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECb8oWyG2MuLwRJyNVZvh2w&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECb8oWyG2MuLwRJyNVZvh2w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNV6xbJhe2FgCyXSOEojDC4tzyO_XvXjpWKhsbQq-FF9fVRWKC5zfweON981Q5IGI1nnpak_qq9KSSLYYo0G3LVMdhhg12CBwdHhLAswE8jIUpa5n03b9kJ-fhyiQ-0sLCmPeCKKK2wCTqjZ0qQLRL8VhKyRaUb01l4zPaIJ-hjzFe5jUZ8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 03 Aug 2021 00:12:35 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESECb8oWyG2MuLwRJyNVZvh2w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame FAA5 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COiFgQIQz_LP1AIY5OmwsQEwAQ&v=APEucNV6xbJhe2FgCyXSOEojDC4tzyO_XvXjpWKhsbQq-FF9fVRWKC5zfweON981Q5IGI1nnpak_qq9KSSLYYo0G3LVMdhhg12CBwdHhLAswE8jIUpa5n03b9kJ-fhyiQ-0sLCmPeCKKK2wCTqjZ0qQLRL8VhKyRaUb01l4zPaIJ-hjzFe5jUZ8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 03 Aug 2021 00:12:35 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif
AVmanager.js
player.selectmedia.asia/script/6.1/ Frame 8EE7 		344 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5743ed63aae3df0518af28d321d5b89d3e2c18186e95ed881e76a827ca11897e

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:35 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycdu-4pV_JDsaI0xqmT62r7Kc7Ji-HAu_4OFY0mI0SDPDZ3vKqBlLLI1XCo82ICZ8Zf9uq4H46HckKwb9xqDi2VA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
99409
Last-Modified
Tue, 27 Jul 2021 06:26:18 GMT
Server
UploadServer
ETag
"ee4ab5c688352d70090399407599398d"
Vary
Accept-Encoding
x-goog-hash
crc32c=pUgJKA==, md5=7kq1xog1LXAJA5lAdZk5jQ==
Content-Language
en
Access-Control-Allow-Origin
*
x-goog-generation
1627367178090991
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=300
x-goog-stored-content-length
99409
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Tue, 03 Aug 2021 00:17:35 GMT
analytics.js
www.google-analytics.com/ Frame 047C 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
2161
date
Mon, 02 Aug 2021 23:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Tue, 03 Aug 2021 01:36:34 GMT
analytics.js
www.google-analytics.com/ Frame DA2D 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
2161
date
Mon, 02 Aug 2021 23:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Tue, 03 Aug 2021 01:36:34 GMT
tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
pagead2.googlesyndication.com/bg/ Frame E43D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 09:00:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
141143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13260
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 Aug 2022 09:00:12 GMT
tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
pagead2.googlesyndication.com/bg/ Frame E042 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 09:00:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
141143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13260
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 Aug 2022 09:00:12 GMT
tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
pagead2.googlesyndication.com/bg/ Frame 812F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 09:00:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
141143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13260
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 Aug 2022 09:00:12 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=m.creaders.net&sn=&ic=0&tgt=0&app=&wi=336&he=189&test=&apppkg=&fv=3&proto=https&pid=5c5bf265073ef44dbb3483fb&cid=60c21a7dd47c7876191f3a27&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&e=inventory&vi=100&cb=1627949555452
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
pagead2.googlesyndication.com/bg/ Frame 722C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 10:41:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
221485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 10:41:10 GMT
collect
www.google-analytics.com/j/ Frame 047C 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=354211929&t=pageview&_s=1&dl=https%3A%2F%2Fm.creaders.net%2Fnews&ul=en-us&de=UTF-8&dt=noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=noBid&cc=Default&_u=YEBAAUABAAAAAC~&jid=1944988558&gjid=2002118178&cid=338779857.1627949555&tid=UA-128776493-30&_gid=762646738.1627949555&_r=1&gtm=2ou820&z=1070198775
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
vidsplay_pass_pre.txt
play.selectmedia.asia/58fcbed1073ef420086c9d08/5fbcd7e8d7af2a444b42eac7/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.selectmedia.asia/58fcbed1073ef420086c9d08/5fbcd7e8d7af2a444b42eac7/vidsplay_pass_pre.txt
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0ef53677e97b7c0aaa68a9d7e0c3632641480ed0fb28d1982cd0dbca61a55346

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:35 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ABg5-UzoE-rg8oIZXogAc5_uIoJnoHYhXMsi6RrdgrYx8wjyDoOn4hx-NLt9ZEVOjF0yDaYomOaW8omvdu_lfAiFht0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
808
Last-Modified
Tue, 24 Nov 2020 09:52:49 GMT
Server
UploadServer
ETag
"9afd45f42f905f5ad656f233fd821668"
Vary
Accept-Encoding
x-goog-hash
crc32c=5hBGtA==
x-goog-generation
1606211569654311
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, range
Cache-Control
public, max-age=1800
x-goog-stored-content-length
1990
Accept-Ranges
bytes
Content-Type
text/plain
Expires
Tue, 03 Aug 2021 00:42:35 GMT
/
go1.aniview.com/api/adserver/tag/ 		20 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=60c21b1576524450f8723437&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fm.creaders.net%2Fnews&AV_CHANNELID=60c21a7dd47c7876191f3a27&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=m.creaders.net&AV_DADPOS=3&AV_PLACEMENT=5&AV_TAG=60c21b1576524450f8723437&AV_TEMPLATE=60c2188a59f9b83f06493dc6&v=6.1.1.243&avtoken=555451&AV_WIDTH=336&AV_HEIGHT=189&AV_DNT=0&cb=1627949555485
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.42.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-42-43.compute-1.amazonaws.com
Software
/
Resource Hash
e4c8dd59015cc0c825903b855a81c58bacac310e2144b6dd744a25f11492c715

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache
access-control-allow-credentials
true
expires
Thu, 22 Jul 2021 10:25:55 GMT
collect
www.google-analytics.com/ Frame DA2D 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1528913043&t=pageview&_s=1&dl=https%3A%2F%2Fm.creaders.net%2Fnews&ul=en-us&de=UTF-8&dt=noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=noBid&cc=Default&_u=QACAAUAB~&jid=&gjid=&cid=338779857.1627949555&tid=UA-128776493-30&_gid=762646738.1627949555&gtm=2ou820&z=2064051093
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 09:57:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51299
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 047C 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=354211929&t=timing&_s=2&dl=https%3A%2F%2Fm.creaders.net%2Fnews&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&plt=1&pdt=1627949555316&dns=0&srt=0&tcp=0&dit=1&clt=1&_gst=101&_gbt=141&_cst=3&_cbt=87&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=338779857.1627949555&tid=UA-128776493-30&_gid=762646738.1627949555&gtm=2ou820&z=1827103087
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 09:57:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51299
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
hb_310028_7816.js
player.hb.selectmedia.asia/prebidlink/452208/ Frame 05DF 		367 KB
367 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hb.selectmedia.asia/prebidlink/452208/hb_310028_7816.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3b75a8397ac1524344170247685676db74881aedaae13c0e0000ec4e15c96fd7

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
last-modified
Wed, 21 Jul 2021 17:13:10 GMT
server
nginx/1.18.0
etag
"60f855a6-5ba23"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
375331
expires
Tue, 03 Aug 2021 01:12:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 05DF 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
b3f1bdf75dcc33fd124ac4ee83d7f6029f857efbf84f3a111e6708fcfb26a352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"947 / 755 of 1000 / last-modified: 1627942337"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24695
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:35 GMT
wrapper_hb_310028_7816.js
player.hb.selectmedia.asia/prebidlink/452208/ Frame 05DF 		956 KB
957 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hb.selectmedia.asia/prebidlink/452208/wrapper_hb_310028_7816.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c4fe2e1949f772109d1de1db0084535559215acd2c4f21dc503b9a90c8d5ead5

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
last-modified
Mon, 02 Aug 2021 14:04:27 GMT
server
nginx/1.18.0
etag
"6107fb6b-eefb0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
978864
expires
Tue, 03 Aug 2021 01:12:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4AF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSR7DV1DG1_kIm33WYXYL-sqovO1Ku_u-3OKNIFIawA8VB3kpd4SkUaOqer7bA13WGcfqzdP5fSz_LzCYTvO7ux5QLf4o6D8ZcHcvVAwhH3wQSyus4S5mBj3zI850nJvxdJh_3au7HJmT2NXvEvam3bla65R2ef94ORg7R9ReAS30FlWUwOLmx93YK8wwkIPgrANsS_GRHc5-0BuK9GA3eLi4isVBX5bE6OHCnteh0iBOgEDA4_g3axQvKHlYDRXl5AKP8nWxiJ7pCBEoIc_XH-jgfARHDU4aP3Q_4sEHPTUUdFivr_zCvwiaBX0Y&sai=AMfl-YTN4KqgQjWuZAScacOOQ5L67lJvarCTP--lop9-UNSpgBxUl-3RHOkkk4k5uWrGDSpXEZbPBD_EIpcH1R7uRqGSt63NUtMIT2obzhVneLA6LoU7_4y19wdy8m3hruSc&sig=Cg0ArKJSzApqv-zWyesoEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Aug 2021 00:12:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 03 Aug 2021 00:12:35 GMT
pubads_impl_2021072901.js
securepubads.g.doubleclick.net/gpt/ Frame 05DF 		325 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 08:44:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116135
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:35 GMT
publishertag.prebid.105.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.105.js
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:30 GMT
server
nginx
etag
W/"6034e04e-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Aug 2021 00:12:35 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=m.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=m.creaders.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		457 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3992119418461726&correlator=2541061021313481&output=ldjh&impl=fifs&eid=31062030%2C31062051%2C21068031%2C20211866&vrg=2021072901&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210803&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_32&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C250x250%7C336x280%7C200x200%7C180x150&fluid=height&prev_scp=vli_adslot%3D23383%26vli_acc%3Dvli_9%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_ad_type%3Dpassback&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie_enabled=1&bc=31&abxe=1&lmt=1627949555&dt=1627949555834&dlt=1627949551793&idt=1839&frm=20&biw=1600&bih=1200&oid=3&adxs=632&adys=6599&adks=2320450927&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fm.creaders.net%2Fnews&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&ga_vid=1773041457.1627949554&ga_sid=1627949554&ga_hid=1033629119&ga_fc=false&ga_cid=338779857.1627949555&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
815f00195441950cd1b6668b822f7d67ac4168b35a80d6ec42d50d5ae6fd3082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
221
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNUPPaAYqy-PBeM-Paew-aMwY-PPZqttyATUYaRrNBZKRmNYBBMBRrtNheRlmNBBUbYMARdzNwqfftkRwlNcso_aRkjmNBAAbYZA,YZAbYZA,BBUbYMA,YAAbYAA,TMAbTZA,
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9p3VWPtiQoFCov%2FWbdmDl4D8kq%2Baykc8vjyiEy3UnCjokNIBOUVY%2BR0L1PbAxGDEDMsXNv4%2BJg2AJYZz9b%2FiAQQd8DKuxd5oh1D7LRPhExiRGQ%2FMtxUYZNtTsWREOK1NpiYO7Eeye6UroU91HBVw4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
678b55d40eec0629-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
ads
securepubads.g.doubleclick.net/gampad/ 		457 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3992119418461726&correlator=1577505503455812&output=ldjh&impl=fifs&eid=31062030%2C31062051%2C21068031%2C20211866&vrg=2021072901&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210803&iu_parts=21766281334%2C357_Creaders.net%2C357_Creaders.net_31&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C180x150&fluid=height&prev_scp=vli_adslot%3D1045%26vli_acc%3Dvli_9%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26vli_sf%3D1%26vli_ad_type%3Dpassback&eri=1&cust_params=hb_domain%3Dcreaders.net&cookie_enabled=1&bc=31&abxe=1&lmt=1627949555&dt=1627949555846&dlt=1627949551793&idt=1839&frm=20&biw=1600&bih=1200&oid=3&adxs=650&adys=5387&adks=2618413655&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fm.creaders.net%2Fnews&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1773041457.1627949554&ga_sid=1627949554&ga_hid=1033629119&ga_fc=false&ga_cid=338779857.1627949555&fws=0&ohw=0&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
56db4297ab55afe95b1537cb071dfadeb09aa76a53dd483e7cd60046ba39aaa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
228
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.vliplatform.com/bi/ 		0
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi/?e=zdNPtYeYBqZ-KtAw-PYyZ-qtaT-BZMMAUwtwTMyRrNBZKRmNTAPZRrtNheRlmNBAAbYZARdzNwqfftkRwlNcso_aRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZA,
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:35 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2By2xhTrkAgwa%2FfTjFx2RMYRdvwjlb32XzmMyGRF5XrAdkniNjR1JyXsxTbrWqJJHrks9MCJuuFhXgXSDsZQd0aZujmN7DbEs7A47mQmRw%2BRlJJoXFDdnnIHbh3eaKoHCUSK6vw85AuPs0stSMsEfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
678b55d40ef00629-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
syncframe
gum.criteo.com/ Frame 0787 		291 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=m.creaders.net&gdpr=1&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=m.creaders.net&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
299
date
Tue, 03 Aug 2021 00:12:35 GMT
content-length
321
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 10:59:58 GMT
server
nginx
etag
W/"60ec20ae-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Aug 2021 00:12:36 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4657 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D1%26key%3D
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D1%26key%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=63128
expires
Tue, 03 Aug 2021 17:44:44 GMT
date
Tue, 03 Aug 2021 00:12:36 GMT
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame C4EE
Redirect Chain
  • https://sync.1rx.io/usersync2/selectmedia?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D13%26ke...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1627949555815-983601092972-008604-011-007822&biddername=13&key=OPTOUT
0
198 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1627949555815-983601092972-008604-011-007822&biddername=13&key=OPTOUT
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.242.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-242-93.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1627949555815-983601092972-008604-011-007822&biddername=13&key=OPTOUT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1627949555815-983601092972-008604-011-007822
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
content-length
0
set-cookie
2_C_13=OPTOUT; Path=/; Domain=aniview.com; Expires=Wed, 04 Aug 2021 00:12:36 GMT; Secure; SameSite=None 2_C_13=OPTOUT; Path=/; Expires=Wed, 04 Aug 2021 00:12:36 GMT; Secure; SameSite=None

Redirect headers

server
Tengine
date
Tue, 03 Aug 2021 00:12:36 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.aniview.com/cookiesyncendpoint?auid=1627949555815-983601092972-008604-011-007822&biddername=13&key=OPTOUT
etag
OPTOUT
cookiesyncendpoint
sync.aniview.com/ Frame 3FB4
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=36800e4a-7fee-40ba-bcb0-adf158f0815f&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D23%26...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1627949555815-983601092972-008604-011-007822&biddername=23&key=00cc7fff-a5a6-4aed-82c3-339c0a38e086
0
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1627949555815-983601092972-008604-011-007822&biddername=23&key=00cc7fff-a5a6-4aed-82c3-339c0a38e086
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.242.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-242-93.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1627949555815-983601092972-008604-011-007822&biddername=23&key=00cc7fff-a5a6-4aed-82c3-339c0a38e086
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1627949555815-983601092972-008604-011-007822
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
content-length
0
set-cookie
2_C_23=00cc7fff-a5a6-4aed-82c3-339c0a38e086; Path=/; Domain=aniview.com; Expires=Wed, 04 Aug 2021 00:12:36 GMT; Secure; SameSite=None 2_C_23=00cc7fff-a5a6-4aed-82c3-339c0a38e086; Path=/; Expires=Wed, 04 Aug 2021 00:12:36 GMT; Secure; SameSite=None

Redirect headers

vary
Accept, Accept-Encoding
set-cookie
i=552ef88f-6346-44f2-a978-dd7954069173|1627949555; Version=1; Expires=Wed, 03-Aug-2022 00:12:36 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.211.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.aniview.com/cookiesyncendpoint?auid=1627949555815-983601092972-008604-011-007822&biddername=23&key=00cc7fff-a5a6-4aed-82c3-339c0a38e086
date
Tue, 03 Aug 2021 00:12:36 GMT
content-type
text/html
content-length
0
content-encoding
gzip
via
1.1 google
alt-svc
clear
Cookie set usermatch
ssum.casalemedia.com/ Frame 51CA 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D42%26key%3D
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0fc0c150eaf673f2893cce5a647c66211c05c126bf26d27300f536c3d6283a87

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://m.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=328; CMID=YQiJ8ypaTdtnMWUKFIFXfgAA; CMPRO=210; CMST=YQiJ82EIifMA; CMRUM3=2d610889f32760CAESEHVmE1_FszqSwLbwEemtK-8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|46|73|105|218|206
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1805
Expires
Tue, 03 Aug 2021 00:12:36 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:36 GMT
Connection
keep-alive
Set-Cookie
CMID=YQiJ8ypaTdtnMWUKFIFXfgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 00:12:36 GMT CMPS=328;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 00:12:36 GMT CMPRO=210;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 00:12:36 GMT CMRUM3=27610889f40b40&ce610889f405a0&e6610889f42760&49610889f405a0&69610889f405a0&da610889f42760&f1610889f405a0&2e610889f405a0&2d610889f32760CAESEHVmE1_FszqSwLbwEemtK-8;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 00:12:36 GMT CMST=YQiJ82EIifQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 Aug 2021 00:12:36 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame C7AE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://m.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 03 Aug 2021 00:12:36 GMT
Connection
keep-alive
spotx-pixel.js
play.selectmedia.asia/58fcbed1073ef420086c9d08/5f1d77d19f2f1340cb280573/ Frame 8EE7 		417 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.selectmedia.asia/58fcbed1073ef420086c9d08/5f1d77d19f2f1340cb280573/spotx-pixel.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
60f038994fd542f86289f531b86d5d553b016540e205d70ce094323ebee91397

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:36 GMT
X-GUploader-UploadID
ABg5-UxmXjmDN7d3Z5bQshR8ZLN-0Hl2KWVfD0EpTdz2c5wUxnDZGx_EZnNzga5Tv4WQrZRlVJsZKZ13_ceCCjpDBaivKn6pEw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
417
Last-Modified
Sun, 26 Jul 2020 12:32:25 GMT
Server
UploadServer
ETag
"f70554e00ba53d6687836b60f833456e"
x-goog-hash
crc32c=bH2gjQ==
x-goog-generation
1595766745952958
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=1800
x-goog-stored-content-length
417
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Tue, 03 Aug 2021 00:42:36 GMT
tag
cguke-lp2na.ads.tremorhub.com/ad/ 		949 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cguke-lp2na.ads.tremorhub.com/ad/tag?adCode=cguke-c54qn&playerWidth=336&playerHeight=189&srcPageUrl=https%3A%2F%2Fm.creaders.net%2Fnews&schain=1.0,1!selectmedia.asia,5c5bf265073ef44dbb3483fb,1,,CyberMedia%20Network%20Inc.,creaders.net&us_privacy=1---&cbb=7949556030
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language
en
access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-type
text/html;charset=utf-8
content-length
949
avpb3.js
player.selectmedia.asia/script/6.1/ Frame 8EE7 		282 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.selectmedia.asia/script/6.1/avpb3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
fe376626e35270fa60cf647c476851387d93440816777c74fce6437e273ef612

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:36 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycduR0KptIsdJujIwG0-7B0hn4igSKYLIwdjdRKtC87ENdZnd7_XLaQ1Oro6od1QDYnS6F5zVd8vnymdnc6RgPmM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
90379
Last-Modified
Tue, 27 Jul 2021 06:24:45 GMT
Server
UploadServer
ETag
"460a8d9b2ac1f262d3e719c11b8a6e16"
Vary
Accept-Encoding
x-goog-hash
crc32c=4pmTbA==, md5=RgqNmyrB8mLT5xnBG4puFg==
Content-Language
en
Access-Control-Allow-Origin
*
x-goog-generation
1627367085871012
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=300
x-goog-stored-content-length
90379
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Tue, 03 Aug 2021 00:17:36 GMT
sync
x.bidswitch.net/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=selectmedia&user_id=1627949555815-983601092972-008604-011-007822&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.115.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-115-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627949556032&asid=60b5dafed921561dff52c9df%2C5ecb8e11ee519a0e8566e3b3%2C5f5e1c5ad1bb37468a36ee81%2C60100a23846aac2338662284%2C5e4e530428a06142567364a0%2C5eb94ee4d944107a141a21c4%2C608947e2747cc640e41606e8%2C5cd95a0728a06120f816a67c%2C60ed8c214b5f003eaf39e55d%2C5eccd16e0b311965fa1451f4%2C5fda411e0b8bf63afe5b1450&ofpr=4.85%2C2.5%2C0.9%2C0.9%2C1.55%2C1.88%2C%2C%2C%2C1.65%2C0.9&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
biltag.bilsyndication.com/passback/ Frame 78C1 		195 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://biltag.bilsyndication.com/passback/?t=1627751911&d=357&z=23383&divID=vi_35723383_670&w=336&h=280
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e8e7a24d39696f203b4eaf83f0cb2539eac81422bd5533cf62eb44f7e8005ae
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
678b55d558615364-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
/
stats.bilsyndication.com/pi/ Frame 78C1 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.bilsyndication.com/pi/?e=zdNKrTwMrPe-Ptar-PwZq-qPZw-wqwyaPyawBtyRzNhqllwqe0RrNBZKRmNYBBMBRrtNRcsokty_orN
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
678b55d5686d5364-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/ Frame 047C 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=354211929&t=pageview&_s=3&dl=https%3A%2F%2Fm.creaders.net%2Fnews&ul=en-us&de=UTF-8&dt=Adx_noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=Adx_noBid&cc=Default&_u=aEBAAUABAAAAAC~&jid=&gjid=&cid=338779857.1627949555&tid=UA-128776493-30&_gid=762646738.1627949555&gtm=2ou820&z=939036004
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 09:57:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51300
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
biltag.bilsyndication.com/passback/ Frame 906B 		195 B
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://biltag.bilsyndication.com/passback/?t=1627751911&d=357&z=1045&divID=vi_3571045_633&w=300&h=250
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c9ab098c52fb0a119002a1a1721b555823537a66ec5e1194371ead7fb00c2a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
136767
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
678b55d5888b5364-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
/
stats.bilsyndication.com/pi/ Frame 906B 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.bilsyndication.com/pi/?e=zdNytPUKwrr-TTaY-PPKa-arUM-wAZrKTYKAeYyRzNhqllwqe0RrNBZKRmNTAPZRrtNRcsokty_orN
Requested by
Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1627751911/48fa7cd880dd48ce89b6a7d4785f9ea2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
678b55d5888c5364-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/ Frame 047C 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=354211929&t=pageview&_s=4&dl=https%3A%2F%2Fm.creaders.net%2Fnews&ul=en-us&de=UTF-8&dt=Adx_noBid_creaders.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=creaders.net&cm=Adx_noBid&cc=Default&_u=aEBAAUABAAAAAC~&jid=&gjid=&cid=338779857.1627949555&tid=UA-128776493-30&_gid=762646738.1627949555&gtm=2ou820&z=1273730829
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Aug 2021 09:57:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51300
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame 8EE7 		86 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer
Requested by
Host: play.selectmedia.asia
URL: https://play.selectmedia.asia/58fcbed1073ef420086c9d08/5f1d77d19f2f1340cb280573/spotx-pixel.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c29162cd07f825095482d330c88678423ee77175540ad69a62984eee961a163d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35153
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:36 GMT
ts300x250.gif
www.creaders.net/ads/banners/ts/ Frame 906B 		838 KB
839 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/ads/banners/ts/ts300x250.gif
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
8d54ca529d86918310923e81f3a2e5bcf03ecba725c6054c4338ce9efa41908d

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
last-modified
Sat, 15 May 2021 19:08:22 GMT
server
Apache
accept-ranges
bytes
etag
"d16ff-5c2631582d580"
content-length
857855
content-type
image/gif
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.106.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-106-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
cc7baf59a4090383aed76a310bd0302f2266266bafc1037f726bad827c91f5c8

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:36 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
prebid
ib.adnxs.com/ut/v3/ 		138 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
bff684b48da4b1a296fd4a57fe3c6c6b5e95025296553bc2cc363f6a31717e9d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:36 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8dc016be-e199-43f9-abc0-b42d4a7a8dbc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 03 Aug 2021 00:12:36 GMT
X-SpotX-Timing-Transform
0.000511
X-SpotX-Timing-SpotMarket
0.006871
X-SpotX-Timing-Page-Mux
0.001018
X-SpotX-Timing-Page-Require
0.000274
X-fe
139
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000029
X-SpotX-Timing-Page
0.014199
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003331
Last-Modified
Tue, 03 Aug 2021 00:12:36 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006871
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://m.creaders.net
X-SpotX-Timing-Page-Misc
0.002151
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627949556141&pKey=586507894&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fm.creaders.net%2Fnews&playerSize=336x189
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:36 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627949555506092-395
Expires
Tue, 03 Aug 2021 00:12:36 GMT
tag
cguke-9h64o.ads.tremorhub.com/ad/ 		949 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cguke-9h64o.ads.tremorhub.com/ad/tag?adCode=cguke-2x5lz&playerWidth=336&playerHeight=189&srcPageUrl=https%3A%2F%2Fm.creaders.net%2Fnews&supplyCode=cguke-9h64o&mediaId=VideoId&schain=1.0,1!selectmedia.asia,5c5bf265073ef44dbb3483fb,1,11117c21e478b653aef36e30557acc91_172312207,CyberMedia%20Network%20Inc.,creaders.net&transactionId=d6d784bb-df9f-4669-a186-75376cb5e2e8&floor=USD:1.88&referrer=https%3A%2F%2Fm.creaders.net%2Fnews&hb=1&fmt=json
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language
en
access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-type
text/html;charset=utf-8
content-length
949
tag
cguke-9h64o.ads.tremorhub.com/ad/ 		949 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cguke-9h64o.ads.tremorhub.com/ad/tag?adCode=cguke-6b2fz&playerWidth=336&playerHeight=189&srcPageUrl=https%3A%2F%2Fm.creaders.net%2Fnews&supplyCode=cguke-9h64o&mediaId=VideoId&schain=1.0,1!selectmedia.asia,5c5bf265073ef44dbb3483fb,1,11117c21e478b653aef36e30557acc91_172312207,CyberMedia%20Network%20Inc.,creaders.net&transactionId=5c7b2bde-d126-460b-a9a4-2232502a17e4&floor=USD:0.9&referrer=https%3A%2F%2Fm.creaders.net%2Fnews&hb=1&fmt=json
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language
en
access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-type
text/html;charset=utf-8
content-length
949
openrtb
ads.adaptv.advertising.com/rtb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SelectMedia
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SelectMedia
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072901&jk=3992119418461726&bg=!6Oul66_NAAals0SOpbM7ACkAdvg8WheCs8eEqvvqv5DzsE-XQ0i1sd2_Z8lPtY2FRJcXwb3kyMcLdQIAAAE2UgAAAEBoAQcKAEbIg66AtiB5JbbXJpmHrgDRFheLZXKNAJjGhHnGtBa8hMCdMFLt2cVlm9mLQfmuY-mAwaHtwwzNnM5d9kVaaoaKs5pxJYLDmQKBIZ303jJH-ax7MTsI0zVZMX_p4BkuuoMwQB33nIuBLgSFk640tJVlDSve1-1EFHRaWv4-NdNmX-xmiUkN2KSg6J8Oq3tXZguDEAD2F-mpwYLmnp1blbJjR0rssGJ5rhNEtd-ylPdcarjs7f2AK0PvaFjlqWsS2wZ-UyGocw2UUqSAjsv7ZrMcJvyaGXKbLOvSKUqYioC75TSy7oJhPlHY73B4gDvDaRpE-ocHsyw8F2mKPWnXYR8u1pWRXDZf1ZHNcl0FxJdMJr4mkupD-nbGa1NJ25WTxfj1NlxPDygwQipWT2ZXTAZMEAI9s-2WLm4H3P1oMflUy3f6q3lReg-Kx6g5j9USMdQYwvmbKM0EQjJyUphfFQcdh5wAnL8CnntbcgY6kIwnWV7l35EE82RZYX4WCrob-jInv_D6w3kS9bAmcUPb17E5qpJvXMT4rvRMms9NuO1iXMgzGXrbAAXqe8oNyF7dqWAt6u8SQoSIC9mUsdM8ImH6rbiXVMO1Fot6S7VUvaMmkbpyJzb9WUikU0geEqSvZr1yjCUOU_ErMnWr7vmZhrg_LUybVyr-yAjOd6ghhbZ3JMvU6QGydSicqqnEIUS-vSoWT59wmBh8n5XVARwt1DVCusJHYPz5Qcbm9QCexqzO3iG8SQW6TrZX6gCcnegybJWXmD8xhFSLb-4GrbmQkTd85dneenQTWJ5dnsvUx9fknGSDfnBwSlPjc8QhkbUfB0nh3F1k1Xf2lFzuk-AoZGNCJbkMRfb7a6qA_BnVMyTgNB3h6Idp39qFGrV137vadn-poJGb7-NcI99fj8qvLUC7_NzfO-ur1jemK2IO1Bgny_wU_1D67ngpKK8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 812F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO8Io8okIYdPwFZTz3gP2p5XYBwAAAAA4AeAEAg&bg=!n5ylnNjNAAals0SOpbM7ACkAdvg8Wug5SGiYJsTmKrm4TRGPyi4wHmzGXEk-W5FdHReOK87bZbCKfgIAAAIEUgAAADhoAQcKABIqdlfNtKcYGBZ86CcPc2gKZ06ZAtAm8o4k0p0_t2ws_oK0HLzS-maPcItlNaUC1l9qBBP7pAFOmPJIR-NZwLzR-EAZwEzSGxWqJCXh1ZSQjN0FmkXayoENP4ObctvN3l15MTLZK2sR_1Ecd-9XSKropaTub74938c40UdFuTzGLNed8YORYCHnKckePAoqPCRGNy5suMD5ky52O3oErjCWq3cf1_Yc1WeN0kbkUgv7YEidSkm7JOhYq7nr6EWiU8amiwk6lgICMee_nVmh_YSKW1Hddsl_6ZnF_tMwsVi-4POVXxoG7CGWbrnq2qrV0o9GIuI_UZW_jhf32dKk0vnzyDkRTPLWqqv08VUx-i7EiqfJyrOnZEKTRO0Es_IOcgXCIjrsiZ-s2oy7CWYxX4SNjB4GdlFCQRa5J2rSqZPNDTWvPU0J3M9ubVEhupKOOOq-KMC45ry66TYdFtUq-XjF2l0cL1nQT0o_YqRA9V57KpMFIuWIayqrSMg9AWP5FP-4uTpoEK1Xwkqpem_qcGS9FmLMoE9XFMcC_84AaRQ2fSUw_EYebc72TuT4M4qipI3T2mmZYpEsI6KpYcnHxpD-ELBxOTKVUmHkbcHbnEa_VVYih2V8vJvHGXYT2prHwT5Lor3RbKMjgtqloAjjsTCGsc89iqOgqIv8eNn8kLT5fKCOhNAIH6mJPPqDqQDZmr1kppx0LSxoO2ETI4xgZeHt2q5FMvN8FbEKExGcmdxKBsKvSOvBD3qQymfWdSeHdb5sRfviL-MUfkUUKtKp09WuWrrRwOYw21IBJFjY4wZgO-YIsMNab2Oqf8zcTUbAUwpytLsWasQrtO8C02_7Wk6RiWI7cConICumb19w91exGxvojsjecRa2XEp8zpeF_3LwMoiJ3Hn1wkpqhY5GZ3NK6Z8FmFEcrfIufLnLbonGq4ZjLxOlWmuGJqkPUOQvxSZWrzJRoY7KErcO2J6emNkVrA1AQhE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E43D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkwAK8okIYdHwFZTz3gP2p5XYBwAAAAA4AeAEAg&bg=!jY6ljsrNAAals0SOpbM7ACkAdvg8WrT1q5dWLMyAYh7eVZYRjpIWoC4NJtga6F4xtjlGfPq4reUKkwIAAAJAUgAAADhoAQcKAGYwiLVfJv4PH06JiiPsg0HLWCtuA3euud7CJO8w0zaATP6x5qgXwXTOGobSs6EBc5bCXMq9rgapSnX-ZOIO0mi9XITK5wGyG2Fm0crnY8-geQq3rhoY6wvu9WOdME4ORSFqOJccJcWZAscRJwvjeyLyAQvzS3Lse3bitVsEZJtsX58LYHZnKibDSmiTorxHOQHVZTRZX5rDChDfc4Ah8UMbC2MvIsy7cl2PaiwgPirXltUmwNYEueVD8gb_bjEIU38Rcy9JK8SNykne6R8O9pNXRO0gSZ4acupDUIDuRpYWaTgv64cadk4xVVo9PxSzi7F9VHSBMkHm1f-i-RRVdBZErD4hsjVtXTy9h2Gvsi_ScmGs--j0wgbeQXTPjmAZbnnVKgbRH7DfKavWoHXynzUGCeR5MZj_DTWV0XvvvuVaa3zQA07rI4TFf3RCfvZ7aNH6rL4GQ4CqDrM53PxXsIYTY2TpvwgiFKCzahHQlFWqmn0cHCOZyrJIm-4t6UjU0S8YvAgeMqtMAp7n7PhQwY79UADYH-rx7A1-GfA0qjjlCuFomvd3ibFpBKLRneOovZz2TcYqv2BU84rw-yn6iDieOayJVwmeCgs_VJZrKi0VYFmlO6IjW0rfHkbyPudkeSHrnsWrxT3JsMZ2ZRqQ8e1bX8BZTGPZDlKRe33dEMCvK1_EkD4Qx3fC2vGVgPM_xVDmJ46KqULsKFniA6ty7G7DdR-AsSNnMMyc2bS1dzc9lkbkMz9kUuKR1Q1nr-NoBaPrVbNR1ocDBsNPrOCbah1ze0oWdDdGcW9ZbyU3ZEohtfxetIg5Ksj4VQRzV02VP2X4gQa1KEwJ0btIhWMyHof2hNOpcunUL_p9bLkXBh-zIzLhLLtKuRbH_pO8FU8Xv8wdO4WU_HIEsA-UXgQdBYOFupgxWESlXq3BG4keSnL18BBVIaYFRSdgbSgjzdWowMyb_mqlj629F_oJZbe-2Nz0HlD2T7ATvVH4MKkw092YMAm_phxsFByoyJzo_C3sV_1s0Vm0-tA4bg9l4RANpoVDi5gxBv6TX67JRTQNXiat46Ha_FjhRFeiM1PO1J20aRI
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E042 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bv6AN8okIYdLwFZTz3gP2p5XYBwAAAAA4AeAEAg&bg=!ZWalZiLNAAals0SOpbM7ACkAdvg8WuK3qT0jX_mrNuysG3u9asfrQ3J2QvZYbzAeLOVHvKnQi4ONBwIAAAI3UgAAADZoAQeZAtI_WehySOVy7tk023nl3BRGAhCmvehyrqtaBr1Kx-O65ngLKRdF-_yUWADRWgyzHFWXUmoEtwKhpTC3ux-DKHbBMY_WFtytUIdZrEJqmtZzXTuRzMZ7qLl6_hrJNsQV_9R3vkYSKBAME6EPXxiojuG_DAdWwdcE967MFgkLY81jl3eEHmtVhOuiNooy7BEnVXrVh9wndqVb0GQzIOOxAAFiKTTQVhN8o-sRP1DuTaW043zkHEDJqIwoJh3W4_s-tz4PBjcuNqKWgvbZYRKRCNi8_rKS7jPMCJSIEwC9QgjIxq3BJh2Wb6z9FPii-xRCHoDyNHZbjswgXvICZPd-QVaRdhwIN_eABaZ9i5ehbBdotAwxRv4A5SCCMWZjI0_--liNPRSWz-QQyk-b11P8kHlkOcfnfrOmrCAduU1UnoNmZ9v1dZYL4R80TgJDmdy4wqHpSMFl7vpuVI1cvlRIrX-Otbwp1iPMb2F5eXG3NfhWniHmb6wL40rW-IM-Pl6m7Q4KZWZ2oexYm_WDaj4ddv-PmR4Gh13GATh6q084fXNB3Mw2S1A0FjK-06pVSpYYPSuYbGtvNcitRjaviKLZTpyqn2zR6MMDT-jxvlyr8v26q8rWEV2gN6MDkvPdq5zuzI7wGq_MGL1yNd5vFTS0WagQL9qgjMah6MkaCqcD8Z5VOSB26nrO9XrBXUGImtVv3_NitBkLGY5sj_errqc4BGiTrOyyuUrgtqL-RbFTSsm2rG6QeT3t795NiNSjIhOWZgF7hfcdnA9SmFKsN_aqaXwVorAvqKHQu4IcCR9oRzbCa7UXpgLth9y5DoEULlaLZGMzM9yT-5zlQ3bzOJMJS16Th3CdsgyaAbdLVq5EcoBWSg7O9Bl7ZuAwtTdTR-bgRSrkIuzIbu9l4Ti3VIrvZLggDFjAgrzZUMaNeZ6fASFAyvTh3WoWpu6tMe6lE7h4ej5BsQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7
  • https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=81ac0117-f3ef-11eb-b7eb-17d925990206
0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=81ac0117-f3ef-11eb-b7eb-17d925990206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Tue, 03 Aug 2021 00:12:36 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
84
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Tue, 03 Aug 2021 00:12:36 GMT
Server
nginx
Location
/partner?source=82810&sync_limit=7&__user_check__=1&sync_id=81ac0117-f3ef-11eb-b7eb-17d925990206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
4
Connection
keep-alive
Content-Length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 4657 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77560711&p=157288&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157288&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:34 GMT
content-length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame E7CC 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
818e56949b0177aceb969f43c010b2af4d1186882781b882e834125ed414cb61

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=328; CMID=YQiJ8ypaTdtnMWUKFIFXfgAA; CMPRO=210; CMRUM3=27610889f40b40&ce610889f405a0&e6610889f42760&49610889f405a0&69610889f405a0&da610889f42760&f1610889f405a0&2e610889f405a0&2d610889f32760CAESEHVmE1_FszqSwLbwEemtK-8; CMST=YQiJ82EIifQA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
4|88|3|130|13|190|218|230
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1743
Expires
Tue, 03 Aug 2021 00:12:36 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:36 GMT
Connection
keep-alive
Set-Cookie
CMID=YQiJ8ypaTdtnMWUKFIFXfgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 00:12:36 GMT CMPS=328;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 00:12:36 GMT CMPRO=210;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 00:12:36 GMT CMRUM3=58610889f405a0&2d610889f32760CAESEHVmE1_FszqSwLbwEemtK-8&0d610889f405a0&03610889f405a0&82610889f4a8c0&f1610889f405a0&2e610889f405a0&49610889f405a0&e6610889f42760&69610889f405a0&da610889f42760&27610889f40b40&04610889f405a0&ce610889f405a0&be610889f405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 00:12:36 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 51CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEM6xtCUvg15v4V2ypTMpehI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEM6xtCUvg15v4V2ypTMpehI&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEM6xtCUvg15v4V2ypTMpehI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 51CA 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YQiJ8ypaTdtnMWUKFIFXfgAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 51CA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:39 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PDKZ5DKHR6CHQD3HZFA7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:39 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5XS31MKCWVD8N9DT33NZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 51CA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 51CA 		43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 51CA
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:39 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Tue, 03 Aug 2021 00:12:39 GMT
server
nginx/1.20.0
content-length
76
ibs:dpid=23728&dpuuid=YQiJ8ypaTdtnMWUKFIFXfgAA%26210
dpm.demdex.net/ Frame 51CA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YQiJ8ypaTdtnMWUKFIFXfgAA%26210?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.168.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame 51CA 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:37 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookiesyncendpoint
sync.aniview.com/ Frame 51CA 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1627949555815-983601092972-008604-011-007822&biddername=42&key=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=192700&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627949555815-983601092972-008604-011-007822%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.242.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-242-93.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
content-length
0
ts336x280.gif
www.creaders.net/ads/banners/ts/ Frame 78C1 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.creaders.net/ads/banners/ts/ts336x280.gif
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.150.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-150-30.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
fb84ccee7e98b50c4725b5cf6b7df76b5382ef6af815ec403d9c95365c1d1e41

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
last-modified
Fri, 14 May 2021 07:57:09 GMT
server
Apache
accept-ranges
bytes
etag
"100aea-5c24597363f40"
content-length
1051370
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame E7CC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3672896151570425710
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3672896151570425710
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:36 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3672896151570425710
pragma
no-cache
date
Tue, 03 Aug 2021 00:12:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame E7CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YQiJ9AADLXX65ABg
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQiJ9AADLXX65ABg&gdpr=1&_test=YQiJ9AADLXX65ABg
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQiJ9AADLXX65ABg&gdpr=1&_test=YQiJ9AADLXX65ABg
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627949557.858685,VS0,VE0
x-served-by
cache-fra19160-FRA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQiJ9AADLXX65ABg&gdpr=1&_test=YQiJ9AADLXX65ABg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame E7CC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d4206108-89f4-4f00-9e6b-20e17e6cf95d&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d4206108-89f4-4f00-9e6b-20e17e6cf95d&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:36 GMT

Redirect headers

Date
Tue, 03 Aug 2021 00:12:36 GMT
Server
MT3 3820 7698daf master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d4206108-89f4-4f00-9e6b-20e17e6cf95d&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 03 Aug 2021 00:12:35 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame E7CC 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.92.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:36 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E7CC
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=068b220438a18471fd45e6e6&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=068b220438a18471fd45e6e6&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:36 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=068b220438a18471fd45e6e6&expiration=[EXPIRATION]&gdpr=1
Date
Tue, 03 Aug 2021 00:12:36 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
getuid
ib.adnxs.com/ Frame E7CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ibs:dpid=23728&dpuuid=YQiJ8ypaTdtnMWUKFIFXfgAA%26210
dpm.demdex.net/ Frame E7CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YQiJ8ypaTdtnMWUKFIFXfgAA%26210?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.168.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usermatchredir
ssum-sec.casalemedia.com/ Frame E7CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEM6xtCUvg15v4V2ypTMpehI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEM6xtCUvg15v4V2ypTMpehI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEM6xtCUvg15v4V2ypTMpehI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame E7CC 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YQiJ8ypaTdtnMWUKFIFXfgAA%26210?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:36 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1719
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:41:15 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627949556460&asid=608947e2747cc640e41606e8%2C60ed8c214b5f003eaf39e55d&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DBCC 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:36 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2E43 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:36 GMT
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame 6290 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
402837
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 2E43 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:36 GMT
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame 3227 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
402837
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame DBCC 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:36 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5F59 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Aug 2021 01:09:36 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C18A 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Aug 2021 01:09:36 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 6290 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fm.creaders.net%2Fnews&url=https%3A%2F%2Fm.creaders.net%2Fnews&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4326100521226797&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=67270297&sdk_apis=2%2C8&sid=DAF5F0AF-C963-48A5-9623-6B05E45EBAAF&eid=420706109%2C44737475&top=https%3A%2F%2Fm.creaders.net%2Fnews&loc=https%3A%2F%2Fm.creaders.net%2Fnews&dt=1627949556939&scor=241478973307812&ged=ve4_td1_tt0_pd1_la1000_er1011.1264.1169.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 3227 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21939239661%2Ftsm%2FS-TEST&description_url=https%3A%2F%2Fm.creaders.net%2Fnews&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=645354813134208&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=3999163405&sdk_apis=2%2C8&sid=D9755666-8F38-4F1E-BE2F-2AAD363A8D6D&eid=44725355%2C44737473&url=https%3A%2F%2Fm.creaders.net%2Fnews&dt=1627949556945&scor=2866416307829066&ged=ve4_td1_tt0_pd1_la1000_er1011.1264.1169.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 872A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://m.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=533865603248255222; anj=dTM7k!M41.D>6NRF']wIg2Iliv5pyK!]tbPl1M>e)ZlrFUfJ+tGXxo7Rn2vA`u0WUVFS8HDaiDrHV!t+aaVGQQeXO=*bpRz*qF1`*b^y:)s95e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 30 Jul 2021 04:43:13 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 03 Aug 2021 00:12:37 GMT
Age
70158
X-Served-By
cache-lga13624-LGA, cache-fra19134-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 519423
X-Timer
S1627949557.108434,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D58C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://m.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Aug 2021 00:12:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/55986/sync?uid=YQiJ9AADLXX65ABg&_origin=0&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/55986/sync?uid=YQiJ9AADLXX65ABg&_origin=0&gdpr=0&gdpr_consent=&verify=true
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YQiJ9AADLXX65ABg&_origin=0&gdpr=0&gdpr_consent=&apid=UP822295d5-f3ef-11eb-821a-02407095623c
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YQiJ9AADLXX65ABg&_origin=0&gdpr=0&gdpr_consent=&apid=UP822295d5-f3ef-11eb-821a-02407095623c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:37 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YQiJ9AADLXX65ABg&_origin=0&gdpr=0&gdpr_consent=&apid=UP822295d5-f3ef-11eb-821a-02407095623c
date
Tue, 03 Aug 2021 00:12:37 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=9c121b11d448f9ceb9c4dcd546cc267&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g043_6991990106852862640
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OWMxMjFiMTFkNDQ4ZjljZWI5YzRkY2Q1NDZjYzI2Nw==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEAxdh4e0XfI4kvlsLHvYmNo&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=21972bee-26c8-4255-96c3-cb8e625d1a3a
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/9c121b11d448f9ceb9c4dcd546cc267&gdpr=0&gdpr_consent=?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-9A6dxu5E2oMy8u_.gjXy__ZAW1daLnQNUlZXNsnd~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=533865603248255222
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=d4206108-89f4-4f00-9e6b-20e17e6cf95d&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_co...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YQiJ9AADLXX65ABg&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=GjW9oaDq1MaI2W5&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=9119958038253429946
0
0
sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP822295d5-f3ef-11eb-821a-02407095623c
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA4MjIyOTVkNS1mM2VmLTExZWItODIxYS0wMjQwNzA5NTYyM2M%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEBPnKKen9EXfYc6pVLb4c7c&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEBPnKKen9EXfYc6pVLb4c7c&google_cver=1&apid=UP822295d5-f3ef-11eb-821a-02407095623c
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEBPnKKen9EXfYc6pVLb4c7c&google_cver=1&apid=UP822295d5-f3ef-11eb-821a-02407095623c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:37 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEBPnKKen9EXfYc6pVLb4c7c&google_cver=1&apid=UP822295d5-f3ef-11eb-821a-02407095623c
date
Tue, 03 Aug 2021 00:12:37 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=21972bee-26c8-4255-96c3-cb8e625d1a3a&_origin=1&gdpr=1&gdpr_consent=
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=21972bee-26c8-4255-96c3-cb8e625d1a3a&_origin=1&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:37 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=21972bee-26c8-4255-96c3-cb8e625d1a3a&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627949557110&asid=60b5dafed921561dff52c9df%2C5ecb8e11ee519a0e8566e3b3%2C5f5e1c5ad1bb37468a36ee81%2C60100a23846aac2338662284%2C5e4e530428a06142567364a0%2C5eb94ee4d944107a141a21c4%2C608947e2747cc640e41606e8&ofpr=4.85%2C2.5%2C0.9%2C0.9%2C1.55%2C1.88%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
tag
cguke-9h64o.ads.tremorhub.com/ad/ 		55 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cguke-9h64o.ads.tremorhub.com/ad/tag?adCode=cguke-2x5lz&playerWidth=336&playerHeight=189&srcPageUrl=https%3A%2F%2Fm.creaders.net%2Fnews&supplyCode=cguke-9h64o&mediaId=VideoId&schain=1.0,1!selectmedia.asia,5c5bf265073ef44dbb3483fb,1,11117c21e478b653aef36e30557acc91_172312207,CyberMedia%20Network%20Inc.,creaders.net&transactionId=79652cc9-eff1-4501-904f-8606d6291c4c&floor=USD:1.88&referrer=https%3A%2F%2Fm.creaders.net%2Fnews&hb=1&fmt=json
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
fd7f9ad5d0df00744057ee4c4239e9e03e5fcf0167dbee5615f65ddaceb7e10c

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:37 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 03 Aug 2021 00:12:37 GMT
X-SpotX-Timing-Transform
0.000357
X-SpotX-Timing-SpotMarket
0.005871
X-SpotX-Timing-Page-Mux
0.000853
X-SpotX-Timing-Page-Require
0.000385
X-fe
083
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000080
X-SpotX-Timing-Page
0.037699
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003209
Last-Modified
Tue, 03 Aug 2021 00:12:37 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005871
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://m.creaders.net
X-SpotX-Timing-Page-Misc
0.026932
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SelectMedia
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		139 B
973 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
34ce1765d8c00898813eb90fc4e527a4054f7023b8f44686c58c3fc51a2b3d19
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:37 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
dd6805d4-cee9-4a22-91b2-d88bbb30e845
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.106.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-106-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a7e2794ef4a8f5e410ed5b95405f174715b1ecd3c93a751d2c2f9a4743c14fc3

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:37 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627949557120&pKey=586537622&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fm.creaders.net%2Fnews&playerSize=336x189
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:37 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627949556838029-408
Expires
Tue, 03 Aug 2021 00:12:37 GMT
usync.js
eus.rubiconproject.com/ Frame D58C 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c33e931153a5d48ac0f9521179fc8086b3bae8e217e47b7b2f55b02fa3dec5bd

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 17:07:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44674
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9360
Expires
Tue, 03 Aug 2021 12:37:11 GMT
khaos.jpg
token.rubiconproject.com/ Frame D58C 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627949557424&asid=608947e2747cc640e41606e8&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame C2B1 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:37 GMT
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame 0B38 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
402838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame C2B1 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:37 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1825 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Aug 2021 01:09:36 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 0B38 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fm.creaders.net%2Fnews&url=https%3A%2F%2Fm.creaders.net%2Fnews&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3911994568933065&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=1539259824&sdk_apis=2%2C8&sid=448C48CF-A033-4A67-90CF-0A7D284E1FDB&eid=44712632&dt=1627949557582&scor=3743750943048982&ged=ve4_td1_tt0_pd1_la1000_er1011.1264.1169.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627949557693&asid=60b5dafed921561dff52c9df%2C5ecb8e11ee519a0e8566e3b3%2C5f5e1c5ad1bb37468a36ee81%2C60100a23846aac2338662284%2C5e4e530428a06142567364a0%2C5eb94ee4d944107a141a21c4%2C608947e2747cc640e41606e8&ofpr=4.85%2C2.5%2C0.9%2C0.9%2C1.55%2C1.88%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627949557698&pKey=586542652&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fm.creaders.net%2Fnews&playerSize=336x189
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:37 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627949557511012-545
Expires
Tue, 03 Aug 2021 00:12:37 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.106.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-106-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d61e09b46fa549634a23ddd9fd43e90b30653a85cc007f0fc2002489fd15f215

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:37 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
openrtb
ads.adaptv.advertising.com/rtb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SelectMedia
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
tag
cguke-9h64o.ads.tremorhub.com/ad/ 		949 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cguke-9h64o.ads.tremorhub.com/ad/tag?adCode=cguke-2x5lz&playerWidth=336&playerHeight=189&srcPageUrl=https%3A%2F%2Fm.creaders.net%2Fnews&supplyCode=cguke-9h64o&mediaId=VideoId&schain=1.0,1!selectmedia.asia,5c5bf265073ef44dbb3483fb,1,11117c21e478b653aef36e30557acc91_172312207,CyberMedia%20Network%20Inc.,creaders.net&transactionId=2460fc30-fa12-401d-8d56-b667bfbf5b38&floor=USD:1.88&referrer=https%3A%2F%2Fm.creaders.net%2Fnews&hb=1&fmt=json
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Aug 2021 00:12:37 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language
en
access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-type
text/html;charset=utf-8
content-length
949
prebid
ib.adnxs.com/ut/v3/ 		139 B
973 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ef24a40bd07a06666b9894e4e4457c4a3ab67f012dd9d81f7abd3dc9c73a5d0e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:37 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2f965877-1e00-418a-af33-028533715d99
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 03 Aug 2021 00:12:37 GMT
X-SpotX-Timing-Transform
0.000346
X-SpotX-Timing-SpotMarket
0.006117
X-SpotX-Timing-Page-Mux
0.000823
X-SpotX-Timing-Page-Require
0.000361
X-fe
067
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
X-SpotX-Timing-Page
0.015832
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003662
Last-Modified
Tue, 03 Aug 2021 00:12:37 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006117
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://m.creaders.net
X-SpotX-Timing-Page-Misc
0.004486
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627949557832&asid=608947e2747cc640e41606e8&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0161 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:37 GMT
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame D71D 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
402838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 0161 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:37 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 18C6 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Aug 2021 01:09:36 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame D71D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fm.creaders.net%2Fnews&url=https%3A%2F%2Fm.creaders.net%2Fnews&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4034470237772483&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=3737690883&sdk_apis=2%2C8&sid=1FA5B473-8B3E-4870-93F0-72A4546B28B1&dt=1627949557968&scor=873968126636676&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1169.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 03 Aug 2021 00:12:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627949558087&asid=60b5dafed921561dff52c9df%2C5ecb8e11ee519a0e8566e3b3%2C5f5e1c5ad1bb37468a36ee81%2C60100a23846aac2338662284%2C5e4e530428a06142567364a0%2C5eb94ee4d944107a141a21c4%2C608947e2747cc640e41606e8&ofpr=4.85%2C2.5%2C0.9%2C0.9%2C1.55%2C1.88%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.106.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-106-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
90075abda85ddcfd1af5057fd5519d9b66772dac6e910fa4d8b03b5b8d840231

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
tag
cguke-9h64o.ads.tremorhub.com/ad/ 		949 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cguke-9h64o.ads.tremorhub.com/ad/tag?adCode=cguke-2x5lz&playerWidth=336&playerHeight=189&srcPageUrl=https%3A%2F%2Fm.creaders.net%2Fnews&supplyCode=cguke-9h64o&mediaId=VideoId&schain=1.0,1!selectmedia.asia,5c5bf265073ef44dbb3483fb,1,11117c21e478b653aef36e30557acc91_172312207,CyberMedia%20Network%20Inc.,creaders.net&transactionId=d417e5eb-b96b-4724-8f33-b2ba6605eb2a&floor=USD:1.88&referrer=https%3A%2F%2Fm.creaders.net%2Fnews&hb=1&fmt=json
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language
en
access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-type
text/html;charset=utf-8
content-length
949
openrtb
ads.adaptv.advertising.com/rtb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SelectMedia
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627949558094&pKey=586566673&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fm.creaders.net%2Fnews&playerSize=336x189
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627949557930023-332
Expires
Tue, 03 Aug 2021 00:12:38 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
973 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
875597d402e0b2512581fa0f83fa3d7260df414140d55bb00788f4e6822fa850
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
121462f5-6586-42e8-9acb-6d5062dcfb50
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 03 Aug 2021 00:12:38 GMT
X-SpotX-Timing-Transform
0.000246
X-SpotX-Timing-SpotMarket
0.004813
X-SpotX-Timing-Page-Mux
0.000764
X-SpotX-Timing-Page-Require
0.000296
X-fe
111
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000022
X-SpotX-Timing-Page
0.013250
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003091
Last-Modified
Tue, 03 Aug 2021 00:12:38 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004813
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://m.creaders.net
X-SpotX-Timing-Page-Misc
0.004007
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627949558216&asid=608947e2747cc640e41606e8&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 65DF 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:38 GMT
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame 0F3D 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
402839
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 65DF 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:38 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6E00 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Aug 2021 01:09:36 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 353B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://m.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 03 Aug 2021 00:12:38 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ABB5 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=63126
expires
Tue, 03 Aug 2021 17:44:44 GMT
date
Tue, 03 Aug 2021 00:12:38 GMT
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FDBD 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=157940&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=63126
expires
Tue, 03 Aug 2021 17:44:44 GMT
date
Tue, 03 Aug 2021 00:12:38 GMT
vary
Accept-Encoding
quantumdex
sync.quantumdex.io/usersync/ Frame D081 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b0e18ca5bd168454ac6d5620e591f97867a7db993d1b42c9bd2d307631365ef

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
content-type
text/html
set-cookie
uid=e96fa2be-1f0b-4ae3-a477-7db1b98120e9; expires=Mon, 23 Aug 2021 00:12:38 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHd%2F4qnR8wnnFpUC1l0HQ4c6rAIPS3StCZCsDdT%2FzSxFihHcVQr83U36atKCiM63JXKOIvgHhmUeGsF4%2Fe6gs%2Fym9cArmVTv%2F1TlSzO%2BhJcGpdZT0YL1F7dTN9KG9bc1hCanp%2F4oZNr0Dba4SSiNlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
678b55e379ccc2d6-FRA
content-encoding
br
ixmatch.html
js-sec.indexww.com/um/ Frame 6F81 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://m.creaders.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 03 Aug 2021 00:12:38 GMT
Connection
keep-alive
quantumdex
sync.quantumdex.io/usersync/ Frame 7FEB 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11714d3e85e2692d3b0e9cb5ad5cec7cb34ebd07e3205b3e9293f844d65d8e59

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
content-type
text/html
set-cookie
uid=93ee3f72-72a0-4459-a676-5c14312dd70f; expires=Mon, 23 Aug 2021 00:12:38 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Xv1SN%2Bq8ghnijbZCROKuEIGJjlg%2FbSzi7AxTpDftSz8yBzCaZwJMKxvCEwJkQ9jyevRmO4PZ8D%2BK5KxdR7ZMBDFbqeFijX8rNrgKbxiD55%2BUEKNkIiEcPGcpUNJzik7A%2BQGporOwwyCYfSyqcWR6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
678b55e379cdc2d6-FRA
content-encoding
br
ads
pagead2.googlesyndication.com/gampad/ Frame 0F3D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fm.creaders.net%2Fnews&url=https%3A%2F%2Fm.creaders.net%2Fnews&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3429838456675176&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=3114504516&sdk_apis=2%2C8&sid=2B7ED61B-A23B-403F-B1C0-176D4F7C8721&eid=44730896%2C44737473&dt=1627949558378&scor=2873287468088582&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1169.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 845C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8b4b138fa28d47263437258de17e1bb10a7e2304f1747dd45f5296b1b277c671

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=328; CMID=YQiJ8ypaTdtnMWUKFIFXfgAA; CMPRO=210; CMST=YQiJ82EIifQA; CMRUM3=be610889f405a0&04610889f427603672896151570425710&27610889f40b40&ce610889f405a0&69610889f405a0&da610889f42760&49610889f405a0&e6610889f42760&2e610889f405a0&f1610889f405a0&03610889f405a0&82610889f4a8c0&58610889f405a0&2d610889f32760CAESEHVmE1_FszqSwLbwEemtK-8&0d610889f42760068b220438a18471fd45e6e6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
65|111|90|81|88|31|230|188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1594
Expires
Tue, 03 Aug 2021 00:12:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Connection
keep-alive
Set-Cookie
CMID=YQiJ8ypaTdtnMWUKFIFXfgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 00:12:38 GMT CMPS=328;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 00:12:38 GMT CMPRO=210;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 00:12:38 GMT CMRUM3=69610889f405a0&da610889f42760&1f610889f605a00&be610889f405a0&04610889f427603672896151570425710&ce610889f405a0&03610889f405a0&82610889f4a8c0&58610889f605a0&0d610889f42760068b220438a18471fd45e6e6&2d610889f32760CAESEHVmE1_FszqSwLbwEemtK-8&2e610889f405a0&bc610889f605a00&51610889f605a0&f1610889f405a0&e6610889f62760&49610889f405a0&6f610889f605a0&41610889f605a0&27610889f40b40&5a610889f605a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 00:12:38 GMT CMST=YQiJ82EIifYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 Aug 2021 00:12:38 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F1A8 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
34555959bac38c5b6336fecdeaa872de31c9c8173dfb14c5c3b397cb4007e6fd

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=328; CMID=YQiJ8ypaTdtnMWUKFIFXfgAA; CMPRO=210; CMST=YQiJ82EIifQA; CMRUM3=be610889f405a0&04610889f427603672896151570425710&27610889f40b40&ce610889f405a0&69610889f405a0&da610889f42760&49610889f405a0&e6610889f42760&2e610889f405a0&f1610889f405a0&03610889f405a0&82610889f4a8c0&58610889f405a0&2d610889f32760CAESEHVmE1_FszqSwLbwEemtK-8&0d610889f42760068b220438a18471fd45e6e6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
65|81|64|90|191|3|190|156
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1563
Expires
Tue, 03 Aug 2021 00:12:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Connection
keep-alive
Set-Cookie
CMID=YQiJ8ypaTdtnMWUKFIFXfgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 00:12:38 GMT CMPS=328;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 00:12:38 GMT CMPRO=210;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 00:12:38 GMT CMST=YQiJ82EIifYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 Aug 2021 00:12:38 GMT CMRUM3=40610889f605a0&5a610889f605a0&41610889f605a0&27610889f40b40&49610889f405a0&e6610889f42760&2e610889f405a0&51610889f605a0&f1610889f405a0&03610889f605a0&82610889f4a8c0&58610889f405a0&bf610889f605a0&2d610889f32760CAESEHVmE1_FszqSwLbwEemtK-8&0d610889f42760068b220438a18471fd45e6e6&be610889f605a0&04610889f427603672896151570425710&ce610889f405a0&9c610889f605a00&69610889f405a0&da610889f42760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 00:12:38 GMT
setuid
sync.quantumdex.io/ Frame 7FEB
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-05f50920-8b08-445a-aa12-0b0b2735e747
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-05f50920-8b08-445a-aa12-0b0b2735e747
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFxjfY8d%2Fn%2BESNOGxLOm9o%2BmIh3f6STXxMIP40%2FYx7JShCKAZmuN02B2WU6611tveRV3%2B%2BxZA30zEJIQzBRdK5gsDi2p4V65oAmt3eDG6X5vtLkrNV4ohNQiViKTfHHbSXpxfup1Hh7INkJ4iuOEhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e6bc42c2d6-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-05f50920-8b08-445a-aa12-0b0b2735e747
date
Tue, 03 Aug 2021 00:12:38 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame 7FEB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uJ16WpJE2uG3Za5fuqzGGHjMdPVlNx6wUs2eBZk-~A
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uJ16WpJE2uG3Za5fuqzGGHjMdPVlNx6wUs2eBZk-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AP0ZZ4SP7%2Fy5PmCQISMJQyVZqfDVDHtDFdP8bvIgZzfIToLtO2MIq0py2ZY6n6loixu7FwaLOdwseMK3OWqiPNcns3ZTZ9%2FHgCkVrWl9uQbGgGj58YsZYameyuHs6EYU8pbraIxes2yVGcp9wfQ3YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e4bac7c2d6-FRA
content-length
43

Redirect headers

Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uJ16WpJE2uG3Za5fuqzGGHjMdPVlNx6wUs2eBZk-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 7FEB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533865603248255222
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533865603248255222
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXWVmohBDv%2FJwD4mHW9So9HEShhVf7PCzP6KqiC29TAroDRtX0H%2FGfIT8UZBeQOM%2B6XUgoY3R89pfBKyIimCD%2B38bD1bGfePioJanKqLP3TJuBauDroEELsYupIZLZBnCExdUvjXOB5YP1jyWYPdhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e4aabac2d6-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
67666ea1-f8f1-4c91-ad2b-14a5443a3b3f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533865603248255222
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 7FEB 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 7FEB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=533865603248255222
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=533865603248255222
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qt8v2VlGyZTGbHfZz3pXrF2n%2FA7mL0hbzaeKx%2FE1Fkb8UxVIA37TcVAfE7o5hQjfhoe51FxW%2BQib292ZR%2BbG0ll79KKk8IQQhM9BQ95NTBoGyVfU3ULCmO3Qy2mjkXBnUBfD1XLVHCWMHY35KPiGkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e4aabbc2d6-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c267b995-05c3-4a35-94d2-9c1c07455b61
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=533865603248255222
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 7FEB
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3a5e0857-da57-45db-a1cb-23feff8a0e50
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3a5e0857-da57-45db-a1cb-23feff8a0e50
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BHfll%2FZ4Ow9zLPtTgVptlq3OQgaJI6B6nz%2Fpd5jIQklVKpQuOenEh4NZVgLMC%2BFNgGuTP7ahuBK7arswrKJ55sV9ftbwdUNb4p12dqonFi3gHbUgccTGgv8Cu7Ri9rH%2FxADr1B9sgyUn28joWVQTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e57b57c2d6-FRA
content-length
43

Redirect headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgpPCzGTyp95YgGL%2Bevfk8mZnq4qYCJGN%2BCsOO4btXPz5%2B3PhXm%2BekqJJxM2%2FgGgtkn8hWFTHGtlix%2BN3J%2BYMmDZsG1dg3%2FFs81%2BPrT4flfH5JY50AcL2QTVh376%2FThVLzwaJFXyVICq6anFpn8%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3a5e0857-da57-45db-a1cb-23feff8a0e50
cf-ray
678b55e46a7fc2d6-FRA
content-length
0
1.gif
id5-sync.com/c/495/0/0/ Frame 7FEB
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.49 , France, ASN16276 (OVH, FR),
Reverse DNS
p04.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:27 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Tue, 03 Aug 2021 00:12:27 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 7FEB
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=0adce1802bb8b43fedc56bf3
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=0adce1802bb8b43fedc56bf3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAqSQ8tPRTveE5clMDYA3NTf4bAYxLrcZ9k5IBrytafYQ4HG136Bwtn3iSmP%2BHlSPc5KhjQwFj7TR%2BwEJ0D%2B%2FhLCjotAf7QpE18FWZskzeKZF%2F6%2FwQnsAx409RdjtTrYItqKft%2FGAizy5Z5c9qtJVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e65c00c2d6-FRA
content-length
43

Redirect headers

Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=0adce1802bb8b43fedc56bf3
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 7FEB
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP822295d5-f3ef-11eb-821a-02407095623c
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP822295d5-f3ef-11eb-821a-02407095623c
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP822295d5-f3ef-11eb-821a-02407095623c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKBfyPQb5Tfom6YMSYHmAjy59I7H%2BKEpfZTNVsAxQg6zGKGeDbO8jhY%2BPxfqx28gT40G5p1v%2FbHmHFlnYmXcmg%2F6wCpsbAXUOx9vatnpXTineButK1wb8JLNuWG0xUTuEVXMd%2B3YPwrvhSP4lJRvjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e51b0bc2d6-FRA
content-length
43

Redirect headers

Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP822295d5-f3ef-11eb-821a-02407095623c
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 7FEB
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=926c23af-ccfe-4b39-99a2-4b7e3c609236
43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=926c23af-ccfe-4b39-99a2-4b7e3c609236
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWE6UhwnyQBT4pReasHBMWqrpDWWB33jYggzu92uoNe3UYAKTkHLF8vDwtV0syVCmuri8E7qVq3Y8PVKmHTeAeJwWGmGtDaC8NFGBlpHGIUGJizy39on0NYeq8T9wtNi6HBIbYqpVxXKDR%2Fg8Qu4rA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e55b3fc2d6-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=926c23af-ccfe-4b39-99a2-4b7e3c609236
date
Tue, 03 Aug 2021 00:12:38 GMT
content-length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 3A6B 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
adc4f60a9e40bc202a8bf0c07c7d086a2174e33e8d76bdc42e38713b67426744

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=328; CMID=YQiJ8ypaTdtnMWUKFIFXfgAA; CMPRO=210; CMST=YQiJ82EIifQA; CMRUM3=be610889f405a0&04610889f427603672896151570425710&27610889f40b40&ce610889f405a0&69610889f405a0&da610889f42760&49610889f405a0&e6610889f42760&2e610889f405a0&f1610889f405a0&03610889f405a0&82610889f4a8c0&58610889f405a0&2d610889f32760CAESEHVmE1_FszqSwLbwEemtK-8&0d610889f42760068b220438a18471fd45e6e6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
65|64|111|90|39|46|190|3
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1640
Expires
Tue, 03 Aug 2021 00:12:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Connection
keep-alive
Set-Cookie
CMID=YQiJ8ypaTdtnMWUKFIFXfgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 00:12:38 GMT CMPS=328;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 00:12:38 GMT CMPRO=210;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 00:12:38 GMT CMST=YQiJ82EIifYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 Aug 2021 00:12:38 GMT CMRUM3=49610889f405a0&e6610889f42760&27610889f60b40&41610889f605a0&6f610889f605a0&5a610889f605a0&40610889f605a0&da610889f42760&69610889f405a0&ce610889f405a0&04610889f427603672896151570425710&be610889f605a0&0d610889f42760068b220438a18471fd45e6e6&2d610889f32760CAESEHVmE1_FszqSwLbwEemtK-8&58610889f405a0&82610889f4a8c0&03610889f605a0&f1610889f405a0&2e610889f605a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 00:12:38 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 05F6 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Tue, 03 Aug 2021 00:12:38 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YQiJ+; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame 7776 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 97EC 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=63126
expires
Tue, 03 Aug 2021 17:44:44 GMT
date
Tue, 03 Aug 2021 00:12:38 GMT
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame D081
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533865603248255222
43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533865603248255222
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZC6ciOiIQukr%2F8rY8uySN6Y7IW4squmKPWpOIn87%2FgqwW3yHkhFABC7NxIKPZg%2B03H%2Fdjf654GuWL8rPR4jeHjFDK7S6VhdvUMqMWCOsx5nbCPtNKRWpg9c7aFZN%2FnGtjE5XD1YWnkTlBRwJw%2FxYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e4bac6c2d6-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8bce6af1-4026-4a5a-b4ec-830f9cbdb6aa
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533865603248255222
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame D081 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame D081
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=054f503c-a3f9-43f3-bf76-4959b5e1ad2c
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=054f503c-a3f9-43f3-bf76-4959b5e1ad2c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3tmLrtz7APo4%2BxquL4oXRpU6nM%2Fk2DtaGICp96hFln4fGIk%2BiKUAE93A7coOVqXP6YGelPZ7dPN0J1vwKavzWZ%2B6v4aPrLx753iYw4Z63D4E6776nuNHnyZTruNX7HVFUFbg3HN5aogNBq5lQgc2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e57b54c2d6-FRA
content-length
43

Redirect headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZCMW6LEYDK6MWxblQLrS6jZ7l%2FlAREKDi%2B7%2Fne1ehVXiBChEdD5UIujvuMJfK6fjV4fZiGJ%2FpUT3dkkWb1h0bf1RYj9POPBpi0EesaEMEsASWWfv1A8PFwCw%2FqfU4pknk9QNERlI3otmPrX5MI%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=054f503c-a3f9-43f3-bf76-4959b5e1ad2c
cf-ray
678b55e46a84c2d6-FRA
content-length
0
setuid
sync.quantumdex.io/ Frame D081
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=533865603248255222
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=533865603248255222
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99KsvyqyMwMnDlvrD0QUmVEIjD9OXlSv941FwJAQjMzxb9Mm%2FlnPmRl1nuNf3POFL2W3gjavaq5IFTdhdliwgwmMVhFF3TcwJk%2FRPAQiMUpCPSQbsjsKn5ghk3bmgEJhKDd6KtE41tWrDiqWSPvKAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e4faf8c2d6-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
7b2ab9c4-33eb-4fa0-a8e7-9b1fd4956721
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=533865603248255222
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1.gif
id5-sync.com/c/495/0/0/ Frame D081
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.49 , France, ASN16276 (OVH, FR),
Reverse DNS
p04.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:27 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Tue, 03 Aug 2021 00:12:27 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame D081
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=a04ff4cbefefd4539a9d9159
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=a04ff4cbefefd4539a9d9159
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Mx4hQ7wFykeH13hFla1jSdNjbIl6ChKONIngAKrGsOHPFE1XgKht6oeOy840aHFSLbkVQAjeI6cv%2FEuyyiewKzSxRiZ%2BpF2DL%2BnGF0cr%2BYqWfpjzcYTxFkJqfygFeuHUxb6fTMURU5ScjcbxVSxkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e6bc3cc2d6-FRA
content-length
43

Redirect headers

Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=a04ff4cbefefd4539a9d9159
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame D081
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP822295d5-f3ef-11eb-821a-02407095623c
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP822295d5-f3ef-11eb-821a-02407095623c
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP822295d5-f3ef-11eb-821a-02407095623c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzZsUa7iC0XzaBu4TbySwHs6ICGf1TbBSnVim3y55NE5ZVs6EtFK3bL67meblkc3NyMTa6Pqg0pk6bzU29Up%2FjQTiDY%2F%2B0qoKrEs1cyo1rKGXlxtv0ar9gQjtpY2BDGcZ3GSOKTR6e%2Bw39tVuTg%2Bfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e55b4bc2d6-FRA
content-length
43

Redirect headers

Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP822295d5-f3ef-11eb-821a-02407095623c
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame D081
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=3050800c-e6da-4254-9c4e-435af497fba3
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=3050800c-e6da-4254-9c4e-435af497fba3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLmKo4IcswqksFMUN0fAuLO0MEuKd1MO%2F2clHz1theNmjPrDHJZ7%2BKm0zauhNLlVZ8LGSQkeMMi0MTd9Olb0i%2FsEjbrT5QWIUks7hp9%2FFkd58xoxpTO8YAC8W1xG4wbyP%2FeuI4%2FaEcgIjIdMdj7n7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e55b3dc2d6-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=3050800c-e6da-4254-9c4e-435af497fba3
date
Tue, 03 Aug 2021 00:12:38 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame D081
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-913a6bd1-a89c-45ee-8d43-3852c6cea747
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-913a6bd1-a89c-45ee-8d43-3852c6cea747
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23iacXXcNEt3s1tMYF5Qx5Vo2Lrp%2FKXSusokc5gueURhFa3xxqUWDK6dWGlDICo0DsQ%2FQzJglod0MJ6EIrZtczXjDUOQ9M2vRcQX0ORkv5NhybHAjWRZUuV8NjfhmId8%2BGUqTRRE0uOQpaQhjyPr3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e6bc43c2d6-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-913a6bd1-a89c-45ee-8d43-3852c6cea747
date
Tue, 03 Aug 2021 00:12:38 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame D081
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uJ16WpJE2uG3Za5fuqzGGHjMdPVlNx6wUs2eBZk-~A
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uJ16WpJE2uG3Za5fuqzGGHjMdPVlNx6wUs2eBZk-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RUvXqhpo1N0Y%2FjrezQZkmCTHe6oV0U1kfK9IZZNDWsKK5nWdP5zJZ%2FSAXVdStw9%2FZs3be0UzJLylWPArnO4xLt%2FJ2P3rZpo79JZ%2BJqPHT35cdUELAwVg62C2F2WlBekmcz4DNN9rjHuENznEXuUCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e4cad1c2d6-FRA
content-length
43

Redirect headers

Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uJ16WpJE2uG3Za5fuqzGGHjMdPVlNx6wUs2eBZk-~A
Connection
keep-alive
Content-Length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 8B23 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bfbcd9965ad278372d66161e953e159e6e56858d6ec36ebcfb26a09ee764055f

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=328; CMID=YQiJ8ypaTdtnMWUKFIFXfgAA; CMPRO=210; CMST=YQiJ82EIifQA; CMRUM3=be610889f405a0&04610889f427603672896151570425710&27610889f40b40&ce610889f405a0&69610889f405a0&da610889f42760&49610889f405a0&e6610889f42760&2e610889f405a0&f1610889f405a0&03610889f405a0&82610889f4a8c0&58610889f405a0&2d610889f32760CAESEHVmE1_FszqSwLbwEemtK-8&0d610889f42760068b220438a18471fd45e6e6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
65|81|64|111|195|196|152|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1389
Expires
Tue, 03 Aug 2021 00:12:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Connection
keep-alive
Set-Cookie
CMID=YQiJ8ypaTdtnMWUKFIFXfgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 00:12:38 GMT CMPS=328;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 00:12:38 GMT CMPRO=210;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 00:12:38 GMT CMST=YQiJ82EIifYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 Aug 2021 00:12:38 GMT CMRUM3=f1610889f405a0&51610889f605a0&2e610889f405a0&0d610889f42760068b220438a18471fd45e6e6&2d610889f32760CAESEHVmE1_FszqSwLbwEemtK-8&58610889f405a0&82610889f4a8c0&03610889f405a0&04610889f427603672896151570425710&ce610889f405a0&be610889f405a0&98610889f605a00&da610889f42760&69610889f605a0&c3610889f605a00&c4610889f605a0&40610889f605a0&27610889f40b40&6f610889f605a0&41610889f605a0&49610889f405a0&e6610889f42760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 00:12:38 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 0A12 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Tue, 03 Aug 2021 00:12:38 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YQiJ+; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame E247 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F716 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=63126
expires
Tue, 03 Aug 2021 17:44:44 GMT
date
Tue, 03 Aug 2021 00:12:38 GMT
vary
Accept-Encoding
rum
dsum.casalemedia.com/ Frame 845C
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:39 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
match
c1.adform.net/serving/cookie/ Frame 845C 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 845C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6DC0DBCD40DE480C880F3B6414F5EE60&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6DC0DBCD40DE480C880F3B6414F5EE60&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:38 GMT

Redirect headers

date
Tue, 03 Aug 2021 00:12:38 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=6DC0DBCD40DE480C880F3B6414F5EE60&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 02 Aug 2021 00:12:38 GMT
rum
dsum-sec.casalemedia.com/ Frame 845C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Rbp32UuyIddevH7UEbtq1kLpdYdeuX-DSrJXmgU6
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Rbp32UuyIddevH7UEbtq1kLpdYdeuX-DSrJXmgU6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:38 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Rbp32UuyIddevH7UEbtq1kLpdYdeuX-DSrJXmgU6
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 845C 		85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1627949559.520999,VS0,VE92
x-served-by
cache-fra19160-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
noop
px.owneriq.net/ Frame 845C
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6812359611272421112&uid=Q6812359611272421112&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:41 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 03 Aug 2021 00:12:41 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 845C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEM6xtCUvg15v4V2ypTMpehI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEM6xtCUvg15v4V2ypTMpehI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:38 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEM6xtCUvg15v4V2ypTMpehI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame 845C 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.64.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 845C 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YQiJ8ypaTdtnMWUKFIFXfgAA%26210?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:38 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1717
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:41:15 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627949558505&asid=60b5dafed921561dff52c9df%2C5ecb8e11ee519a0e8566e3b3%2C5f5e1c5ad1bb37468a36ee81%2C60100a23846aac2338662284%2C5e4e530428a06142567364a0%2C5eb94ee4d944107a141a21c4%2C608947e2747cc640e41606e8&ofpr=4.85%2C2.5%2C0.9%2C0.9%2C1.55%2C1.88%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
tag
cguke-9h64o.ads.tremorhub.com/ad/ 		55 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cguke-9h64o.ads.tremorhub.com/ad/tag?adCode=cguke-2x5lz&playerWidth=336&playerHeight=189&srcPageUrl=https%3A%2F%2Fm.creaders.net%2Fnews&supplyCode=cguke-9h64o&mediaId=VideoId&schain=1.0,1!selectmedia.asia,5c5bf265073ef44dbb3483fb,1,11117c21e478b653aef36e30557acc91_172312207,CyberMedia%20Network%20Inc.,creaders.net&transactionId=53a38031-e4b3-44a6-abed-e5d10fe51e58&floor=USD:1.88&referrer=https%3A%2F%2Fm.creaders.net%2Fnews&hb=1&fmt=json
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
4260d73aaa2e514150df8d01f7af76cde383fba1fc524ac469f3512ec6ddbdeb

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 03 Aug 2021 00:12:38 GMT
X-SpotX-Timing-Transform
0.000287
X-SpotX-Timing-SpotMarket
0.005372
X-SpotX-Timing-Page-Mux
0.000871
X-SpotX-Timing-Page-Require
0.000372
X-fe
073
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
X-SpotX-Timing-Page
0.013731
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003726
Last-Modified
Tue, 03 Aug 2021 00:12:38 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005372
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://m.creaders.net
X-SpotX-Timing-Page-Misc
0.003066
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
54ca39075437ff95abc60b681fc44ce3ac44c13eaee3fee236a2c5c483caeb54
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
985a55ce-06b0-4ae6-a591-4f40749a4a81
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.106.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-106-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c26bfe514688318c122c110afdfc82ba7d0948ee41f3ca03f3a174db7ffca298

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627949558512&pKey=586571228&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fm.creaders.net%2Fnews&playerSize=336x189
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627949558447010-371
Expires
Tue, 03 Aug 2021 00:12:38 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SelectMedia
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
rum
dsum.casalemedia.com/ Frame F1A8
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:39 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame F1A8 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F1A8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630541558
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630541558
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:38 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630541558
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame F1A8
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DEEB8565E29946C78112220E936E701E&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DEEB8565E29946C78112220E936E701E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:38 GMT

Redirect headers

date
Tue, 03 Aug 2021 00:12:38 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DEEB8565E29946C78112220E936E701E&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 02 Aug 2021 00:12:38 GMT
index
dmp.brand-display.com/cm/api/ Frame F1A8 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:39 GMT
via
1.1 google
last-modified
Tue, 03 Aug 2021 00:12:39 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Tue, 03 Aug 2021 00:12:40 GMT
crum
dsum-sec.casalemedia.com/ Frame F1A8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d4206108-89f4-4f00-9e6b-20e17e6cf95d&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d4206108-89f4-4f00-9e6b-20e17e6cf95d&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:38 GMT

Redirect headers

Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
MT3 3820 7698daf master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d4206108-89f4-4f00-9e6b-20e17e6cf95d&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 03 Aug 2021 00:12:37 GMT
getuid
ib.adnxs.com/ Frame F1A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookiesync
bttrack.com/pixel/ Frame F1A8 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Tue, 03 Aug 2021 00:11:54 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame F1A8 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YQiJ8ypaTdtnMWUKFIFXfgAA%26210?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://m.creaders.net/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 00:12:38 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1717
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:41:15 GMT
rum
dsum.casalemedia.com/ Frame 3A6B
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:39 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 3A6B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630541558
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630541558
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:38 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630541558
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
match
c1.adform.net/serving/cookie/ Frame 3A6B 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 3A6B
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=59662A9E9B0448CFB83D6863EB56C8BC&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=59662A9E9B0448CFB83D6863EB56C8BC&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:38 GMT

Redirect headers

date
Tue, 03 Aug 2021 00:12:38 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=59662A9E9B0448CFB83D6863EB56C8BC&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 02 Aug 2021 00:12:38 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3A6B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YQiJ8ypaTdtnMWUKFIFXfgAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
secure.adnxs.com/ Frame 3A6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
getuid
ib.adnxs.com/ Frame 3A6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 3A6B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d4206108-89f4-4f00-9e6b-20e17e6cf95d&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d4206108-89f4-4f00-9e6b-20e17e6cf95d&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:38 GMT

Redirect headers

Date
Tue, 03 Aug 2021 00:12:26 GMT
Server
MT3 3820 7698daf master zrh-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d4206108-89f4-4f00-9e6b-20e17e6cf95d&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 03 Aug 2021 00:12:25 GMT
setuid
sync.quantumdex.io/ Frame 3A6B 		43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EP905g4UsptIXk9ngkgdIHibDddVjXNl81EhteakKHvpsv0Gb9DGjMzfaQcrXwRE8SZtJ7g0Ztp9Ku7o7cuQpzrKbTeOjQCjbkjxwuLw%2B88AUYm1spREECEvLnMBea0OVTraNTaX0ol%2BjtUDyJAhkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e51b0ac2d6-FRA
content-length
43
rum
dsum.casalemedia.com/ Frame 8B23
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:39 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628035958&gdpr=1
pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame 8B23 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8B23
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630541558
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630541558
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:38 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1630541558
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
match
c1.adform.net/serving/cookie/ Frame 8B23 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:38 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 8B23
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ef2384af-1f66-46b3-8c7f-f55d72106ef9
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ef2384af-1f66-46b3-8c7f-f55d72106ef9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:38 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ef2384af-1f66-46b3-8c7f-f55d72106ef9
date
Tue, 03 Aug 2021 00:12:38 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 8B23
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:39 GMT

Redirect headers

date
Tue, 03 Aug 2021 00:12:39 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame 8B23
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=05905569-7188-4387-b0c4-78b78f925486
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=05905569-7188-4387-b0c4-78b78f925486&C=1
43 B
1022 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=05905569-7188-4387-b0c4-78b78f925486&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:40 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=05905569-7188-4387-b0c4-78b78f925486&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
301
Expires
Tue, 03 Aug 2021 00:12:40 GMT
crum
dsum-sec.casalemedia.com/ Frame 8B23
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 03 Aug 2021 00:12:39 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Tue, 03 Aug 2021 00:12:39 GMT
server
nginx/1.20.0
content-length
76
setuid
sync.quantumdex.io/ Frame 8B23 		43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YQiJ8ypaTdtnMWUKFIFXfgAAANIAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9GCrzFXAYneHQwnNob601MlqJjfBlc%2B97M50CgwI5ChrlGWL5R%2FMyEC1Z1PVSTUXjtj5ODYig1oP8lepDleU3mL90v0vcO1o3STPsdmKFAOC3l8hUDP4u486mApFJwGmrNBfefhP%2BJDDuH7zayZrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
678b55e54b38c2d6-FRA
content-length
43
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627949558887&asid=608947e2747cc640e41606e8&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame E48D 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:38 GMT
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame 529C 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
402839
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame E48D 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:38 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 60F8 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Aug 2021 01:09:36 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 529C 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fm.creaders.net%2Fnews&url=https%3A%2F%2Fm.creaders.net%2Fnews&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3457080922991467&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=1186084886&sdk_apis=2%2C7%2C8&sid=9857A7A6-D11D-4AE7-AEE7-A59FEFF5C6C4&eid=44746669&dt=1627949559033&scor=1850791482675902&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1169.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 03 Aug 2021 00:12:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627949564127&asid=60b5dafed921561dff52c9df%2C5ecb8e11ee519a0e8566e3b3%2C5f5e1c5ad1bb37468a36ee81%2C60100a23846aac2338662284%2C5e4e530428a06142567364a0%2C5eb94ee4d944107a141a21c4%2C608947e2747cc640e41606e8%2C60ed8c214b5f003eaf39e55d%2C5eccd16e0b311965fa1451f4&ofpr=4.85%2C2.5%2C0.9%2C0.9%2C1.55%2C1.88%2C%2C%2C1.65&fpo=%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f0cc03e398cd8fab46b51c0e20f782dd41b27fb1555efcda3f6f2b8b7c14a388
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:44 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
33111291-d958-4209-aa47-80e4d6010de8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tag
cguke-9h64o.ads.tremorhub.com/ad/ 		949 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cguke-9h64o.ads.tremorhub.com/ad/tag?adCode=cguke-2x5lz&playerWidth=336&playerHeight=189&srcPageUrl=https%3A%2F%2Fm.creaders.net%2Fnews&supplyCode=cguke-9h64o&mediaId=VideoId&schain=1.0,1!selectmedia.asia,5c5bf265073ef44dbb3483fb,1,11117c21e478b653aef36e30557acc91_172312207,CyberMedia%20Network%20Inc.,creaders.net&transactionId=52af84a2-1c5f-463d-ac67-b814b85988a8&floor=USD:1.88&referrer=https%3A%2F%2Fm.creaders.net%2Fnews&hb=1&fmt=json
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Aug 2021 00:12:44 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language
en
access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-type
text/html;charset=utf-8
content-length
949
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627949564133&pKey=587371804&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fm.creaders.net%2Fnews&playerSize=336x189
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:44 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627949564110004-421
Expires
Tue, 03 Aug 2021 00:12:44 GMT
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 03 Aug 2021 00:12:44 GMT
X-SpotX-Timing-Transform
0.000302
X-SpotX-Timing-SpotMarket
0.006547
X-SpotX-Timing-Page-Mux
0.000927
X-SpotX-Timing-Page-Require
0.000368
X-fe
023
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000030
X-SpotX-Timing-Page
0.014630
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003786
Last-Modified
Tue, 03 Aug 2021 00:12:44 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006547
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://m.creaders.net
X-SpotX-Timing-Page-Misc
0.002655
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.106.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-106-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1d34015323a359b69827f8ea3e943806543dade0169d9687485c2d795c4eaff1

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:44 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
openrtb
ads.adaptv.advertising.com/rtb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SelectMedia
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SelectMedia
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627949564254&asid=608947e2747cc640e41606e8%2C60ed8c214b5f003eaf39e55d&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D952 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:44 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 1C00 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:44 GMT
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame BA8A 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
402845
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 1C00 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:44 GMT
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame D7A4 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
402845
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame D952 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:44 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DBF6 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Aug 2021 01:09:36 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7BF7 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Aug 2021 01:09:36 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame BA8A 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fm.creaders.net%2Fnews&url=https%3A%2F%2Fm.creaders.net%2Fnews&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3878304545702089&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=67270297&sdk_apis=2%2C8&sid=180694CB-69BD-4926-9E4E-0B6BD3FB587D&eid=44746668&dt=1627949564493&scor=638246270924854&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1169.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame D7A4 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21939239661%2Ftsm%2FS-TEST&description_url=https%3A%2F%2Fm.creaders.net%2Fnews&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1648003130861098&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=3999163405&sdk_apis=2%2C8&sid=821AE2AF-A344-479E-BF9B-F8394CAD7DA6&eid=44736284&url=https%3A%2F%2Fm.creaders.net%2Fnews&dt=1627949564503&scor=2347007858401562&ged=ve4_td1_tt1_pd1_la1000_er1011.1264.1169.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627949564627&asid=60b5dafed921561dff52c9df%2C5ecb8e11ee519a0e8566e3b3%2C5f5e1c5ad1bb37468a36ee81%2C60100a23846aac2338662284%2C5e4e530428a06142567364a0%2C5eb94ee4d944107a141a21c4%2C608947e2747cc640e41606e8&ofpr=4.85%2C2.5%2C0.9%2C0.9%2C1.55%2C1.88%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
tag
cguke-9h64o.ads.tremorhub.com/ad/ 		55 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cguke-9h64o.ads.tremorhub.com/ad/tag?adCode=cguke-2x5lz&playerWidth=336&playerHeight=189&srcPageUrl=https%3A%2F%2Fm.creaders.net%2Fnews&supplyCode=cguke-9h64o&mediaId=VideoId&schain=1.0,1!selectmedia.asia,5c5bf265073ef44dbb3483fb,1,11117c21e478b653aef36e30557acc91_172312207,CyberMedia%20Network%20Inc.,creaders.net&transactionId=78584157-86a4-4b43-961d-b6ff092bea7e&floor=USD:1.88&referrer=https%3A%2F%2Fm.creaders.net%2Fnews&hb=1&fmt=json
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3b0825b3dba5a7872720c9e90c0d96bf1cb6134b56e68c813eade9b03bf39884

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:45 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
openrtb
ads.adaptv.advertising.com/rtb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SelectMedia
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.106.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-106-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
afe45c73e6119220f69f339a87a228cd301307a75e33442a685e550ec06cab06

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:44 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 03 Aug 2021 00:12:44 GMT
X-SpotX-Timing-Transform
0.001297
X-SpotX-Timing-SpotMarket
0.007162
X-SpotX-Timing-Page-Mux
0.001903
X-SpotX-Timing-Page-Require
0.000476
X-fe
081
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
X-SpotX-Timing-Page
0.021937
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.004653
Last-Modified
Tue, 03 Aug 2021 00:12:44 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.007162
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://m.creaders.net
X-SpotX-Timing-Page-Misc
0.006405
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000018
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627949564637&pKey=587376613&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fm.creaders.net%2Fnews&playerSize=336x189
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:44 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627949564160046-422
Expires
Tue, 03 Aug 2021 00:12:44 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
16665f1d9ec61278f754f95e44463749af88e7d6bc202bdd5143adfd2f197cf1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:44 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
766885dd-0cab-4d3c-9941-24b21758c0f7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627949565167&asid=608947e2747cc640e41606e8&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D9B0 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:45 GMT
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame 77E7 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
402846
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame D9B0 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:45 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 66FD 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Aug 2021 01:09:36 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 77E7 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fm.creaders.net%2Fnews&url=https%3A%2F%2Fm.creaders.net%2Fnews&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=895030022109957&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=1539259824&sdk_apis=2%2C8&sid=4F0EAAD3-C33F-4EF2-817B-2E1551835DA5&eid=44745940&dt=1627949565356&scor=1438256874086516&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1169.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627949565426&asid=60b5dafed921561dff52c9df%2C5ecb8e11ee519a0e8566e3b3%2C5f5e1c5ad1bb37468a36ee81%2C60100a23846aac2338662284%2C5e4e530428a06142567364a0%2C5eb94ee4d944107a141a21c4%2C608947e2747cc640e41606e8&ofpr=4.85%2C2.5%2C0.9%2C0.9%2C1.55%2C1.88%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.106.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-106-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
cdc61996e89dc15e0cff13b297928b007d19b2a99198bfdcb6e3ede0bbe7f1db

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:45 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 03 Aug 2021 00:12:45 GMT
X-SpotX-Timing-Transform
0.000358
X-SpotX-Timing-SpotMarket
0.006794
X-SpotX-Timing-Page-Mux
0.001332
X-SpotX-Timing-Page-Require
0.000346
X-fe
045
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
X-SpotX-Timing-Page
0.016982
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003844
Last-Modified
Tue, 03 Aug 2021 00:12:45 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006794
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://m.creaders.net
X-SpotX-Timing-Page-Misc
0.004267
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SelectMedia
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
tag
cguke-9h64o.ads.tremorhub.com/ad/ 		55 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cguke-9h64o.ads.tremorhub.com/ad/tag?adCode=cguke-2x5lz&playerWidth=336&playerHeight=189&srcPageUrl=https%3A%2F%2Fm.creaders.net%2Fnews&supplyCode=cguke-9h64o&mediaId=VideoId&schain=1.0,1!selectmedia.asia,5c5bf265073ef44dbb3483fb,1,11117c21e478b653aef36e30557acc91_172312207,CyberMedia%20Network%20Inc.,creaders.net&transactionId=2feab61f-8682-4013-8b3b-9eda6085d0e7&floor=USD:1.88&referrer=https%3A%2F%2Fm.creaders.net%2Fnews&hb=1&fmt=json
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
83b78e763e109b39d487ca1672679f764a3e77fcf89982fd918685d74d1b8e22

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:45 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627949565432&pKey=587404477&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fm.creaders.net%2Fnews&playerSize=336x189
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:45 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627949564679085-349
Expires
Tue, 03 Aug 2021 00:12:45 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9dbdb2f24e97594dfcd47d2d571707fb671ba44ebf94948a43cc437598778bb8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:45 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e5bea93b-ce94-4691-894b-99ea5f6bf6f2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627949565716&asid=608947e2747cc640e41606e8&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8E09 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:45 GMT
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame DD6D 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
402846
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 8E09 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:45 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3068 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Aug 2021 01:09:36 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame DD6D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fm.creaders.net%2Fnews&url=https%3A%2F%2Fm.creaders.net%2Fnews&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1829719502717939&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=3737690883&sdk_apis=2%2C8&sid=69B0C054-EE92-4E69-8161-AC86AE5A85A5&eid=44725355%2C44732023&dt=1627949565843&scor=2677302304220562&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1169.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 03 Aug 2021 00:12:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627949565963&asid=60b5dafed921561dff52c9df%2C5ecb8e11ee519a0e8566e3b3%2C5f5e1c5ad1bb37468a36ee81%2C60100a23846aac2338662284%2C5e4e530428a06142567364a0%2C5eb94ee4d944107a141a21c4%2C608947e2747cc640e41606e8&ofpr=4.85%2C2.5%2C0.9%2C0.9%2C1.55%2C1.88%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 03 Aug 2021 00:12:46 GMT
X-SpotX-Timing-Transform
0.000324
X-SpotX-Timing-SpotMarket
0.005605
X-SpotX-Timing-Page-Mux
0.000968
X-SpotX-Timing-Page-Require
0.000390
X-fe
010
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
X-SpotX-Timing-Page
0.016451
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.004019
Last-Modified
Tue, 03 Aug 2021 00:12:45 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005605
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://m.creaders.net
X-SpotX-Timing-Page-Misc
0.005108
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.106.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-106-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b044471878a46c5c4c811e99d8f6af50ccdb9fc81a31e9163ec937d29948ace9

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:46 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
tag
cguke-9h64o.ads.tremorhub.com/ad/ 		949 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cguke-9h64o.ads.tremorhub.com/ad/tag?adCode=cguke-2x5lz&playerWidth=336&playerHeight=189&srcPageUrl=https%3A%2F%2Fm.creaders.net%2Fnews&supplyCode=cguke-9h64o&mediaId=VideoId&schain=1.0,1!selectmedia.asia,5c5bf265073ef44dbb3483fb,1,11117c21e478b653aef36e30557acc91_172312207,CyberMedia%20Network%20Inc.,creaders.net&transactionId=c71ff79b-66d1-4c9b-a8c6-ed874884d28e&floor=USD:1.88&referrer=https%3A%2F%2Fm.creaders.net%2Fnews&hb=1&fmt=json
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Aug 2021 00:12:46 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language
en
access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-type
text/html;charset=utf-8
content-length
949
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627949565967&pKey=587409380&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fm.creaders.net%2Fnews&playerSize=336x189
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:46 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627949565892015-414
Expires
Tue, 03 Aug 2021 00:12:46 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SelectMedia
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		140 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
919c7eb4514a5da96aae31deab9a533b2e557f3b0998ced97176dfff42afd065
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:45 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9059cc17-0c14-4501-8050-23c2debfb86b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627949566090&asid=608947e2747cc640e41606e8&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8DC3 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:46 GMT
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame 7FCF 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
402847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 8DC3 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:46 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E215 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Aug 2021 01:09:36 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 7FCF 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fm.creaders.net%2Fnews&url=https%3A%2F%2Fm.creaders.net%2Fnews&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1728489086298063&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=3114504516&sdk_apis=2%2C8&sid=8E7DDB8C-E5E3-4AC9-8FAF-82EE429785B2&dt=1627949566211&scor=364577812842364&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1169.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag
cguke-lp2na.ads.tremorhub.com/ad/ 		949 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cguke-lp2na.ads.tremorhub.com/ad/tag?adCode=cguke-c54qn&playerWidth=336&playerHeight=189&srcPageUrl=https%3A%2F%2Fm.creaders.net%2Fnews&schain=1.0,1!selectmedia.asia,5c5bf265073ef44dbb3483fb,1,,CyberMedia%20Network%20Inc.,creaders.net&us_privacy=1---&cbb=7949566299
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:46 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language
en
access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-type
text/html;charset=utf-8
content-length
949
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=request&cb=1627949566299&asid=60b5dafed921561dff52c9df%2C5ecb8e11ee519a0e8566e3b3%2C5f5e1c5ad1bb37468a36ee81%2C60100a23846aac2338662284%2C5e4e530428a06142567364a0%2C5eb94ee4d944107a141a21c4%2C608947e2747cc640e41606e8%2C5cd95a0728a06120f816a67c&ofpr=4.85%2C2.5%2C0.9%2C0.9%2C1.55%2C1.88%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
openrtb
ads.adaptv.advertising.com/rtb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=SelectMedia
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.creaders.net
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
tag
cguke-9h64o.ads.tremorhub.com/ad/ 		55 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cguke-9h64o.ads.tremorhub.com/ad/tag?adCode=cguke-2x5lz&playerWidth=336&playerHeight=189&srcPageUrl=https%3A%2F%2Fm.creaders.net%2Fnews&supplyCode=cguke-9h64o&mediaId=VideoId&schain=1.0,1!selectmedia.asia,5c5bf265073ef44dbb3483fb,1,11117c21e478b653aef36e30557acc91_172312207,CyberMedia%20Network%20Inc.,creaders.net&transactionId=9168cfdd-6fbd-4744-865d-59af7c857d1d&floor=USD:1.88&referrer=https%3A%2F%2Fm.creaders.net%2Fnews&hb=1&fmt=json
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b54f:a79a:adff:b87e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
fb105dc2733636d73aaba6ed594c1739bde3b959da35e065364e9bf566a171e3

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:46 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.106.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-106-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ed112bbf522919fb3586f214a11b5c3f941e3ed614d5a3b87426c433847097af

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 00:12:46 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://m.creaders.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
86471
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/86471?src_sys=prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 03 Aug 2021 00:12:46 GMT
X-SpotX-Timing-Transform
0.000542
X-SpotX-Timing-SpotMarket
0.006275
X-SpotX-Timing-Page-Mux
0.001092
X-SpotX-Timing-Page-Require
0.000370
X-fe
020
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
X-SpotX-Timing-Page
0.016354
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.004045
Last-Modified
Tue, 03 Aug 2021 00:12:46 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006275
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://m.creaders.net
X-SpotX-Timing-Page-Misc
0.003988
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000018
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=6283393&componentId=prebid&componentSubId=mustang&timestamp=1627949566304&pKey=587433216&schain=1.0%2C1!selectmedia.asia%2C5c5bf265073ef44dbb3483fb%2C1%2C%2CCyberMedia%20Network%20Inc.%2Ccreaders.net&loc=https%3A%2F%2Fm.creaders.net%2Fnews&playerSize=336x189
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:46 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1627949566105030-384
Expires
Tue, 03 Aug 2021 00:12:46 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: m.creaders.net
URL: https://m.creaders.net/polyfills.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e36d1b83491c43796030bbfdb1dc1ff78187a85427529e132a99e2a129bb07aa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Aug 2021 00:12:46 GMT
X-Proxy-Origin
37.120.209.212; 37.120.209.212; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
02d45f22-5bd0-45ec-bae8-96c09b84bcf4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.creaders.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=m.creaders.net&rs=m.creaders.net&sid=96282&t=1627949555&cip=37.120.209.212&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=336&he=189&app=&AV_PUBLISHERID=5c5bf265073ef44dbb3483fb&test=&aafaid=&proto=https&uid=1627949555815-983601092972-008604-011-007822&cha=0.05&stagid=60c21b1576524450f8723437&stplid=60c2188a59f9b83f06493dc6&cb=35419255873&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&AV_WIDTH=336&AV_HEIGHT=189&&ppid=5c5bf265073ef44dbb3483fb&nid=58fcbed1073ef420086c9d08&pcid=60c21a7dd47c7876191f3a27&ncid=60c21a31e65f2e224f125406&pasid=60c21a7aa78dc70f2e196f57&e=bid&cb=1627949566661&asid=608947e2747cc640e41606e8&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-142-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame CD3A 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.selectmedia.asia
URL: https://player.selectmedia.asia/script/6.1/AVmanager.js?v=1.0&type=s&pid=5c5bf265073ef44dbb3483fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:46 GMT
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame F8D0 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://m.creaders.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://m.creaders.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
402847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame CD3A 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:12:46 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8A75 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.creaders.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Aug 2021 01:09:36 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame F8D0 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_SelectMedia%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fm.creaders.net%2Fnews&url=https%3A%2F%2Fm.creaders.net%2Fnews&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=706843760025039&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr=1&sdki=44d&adk=1186084886&sdk_apis=2%2C8&sid=C8A62666-DE77-48E0-9B76-79935E8DC77C&eid=420706098&dt=1627949566797&scor=4438289254537311&ged=ve4_td0_tt0_pd0_la0_er1011.1264.1169.1564_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:12:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=9119958038253429946

Verdicts & Comments Add Verdict or Comment

277 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| prebootInitFn object| prebootData string| __theme object| _atrk_opts object| _qoptions function| quantserve function| __qc object| _qevents object| ezt function| qtrack object| webpackJsonp object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched string| pubcidCookie function| atrk boolean| _atrk_fired object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| ngRef object| googletag object| vitag object| __zone_symbol__scrollfalse object| __zone_symbol__loadfalse object| _gat object| _gaq object| gaGlobal object| ggeac object| google_js_reporting_queue object| _VLIOBJ object| regeneratorRuntime string| tagApi object| viAPItag function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse function| __tcfapi object| __zone_symbol__messagefalse function| __uspapi boolean| _isUserInEU boolean| _isUserInUS boolean| __VLICMP object| observeElementInViewport object| __zone_symbol__blurfalse object| __zone_symbol__focusfalse function| vlPlayer object| $sf object| __zone_symbol__DOMContentLoadedfalse function| vlipbChunk object| vlipb object| _pbjsGlobals string| nobidVersion object| nobid object| __zone_symbol__messagetrue function| __tcfapiui object| _google_rum_ns_ object| __zone_symbol__visibilitychangefalse object| __zone_symbol__unloadfalse object| __zone_symbol__pagehidefalse object| google_persistent_state_async number| google_global_correlator object| __zone_symbol__testfalse number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing boolean| apstagLOADED object| apstag object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| aniplayerPos function| avPlayer object| __zone_symbol__resizetrue object| __zone_symbol__scrolltrue object| storageAni object| criteo_pubtag object| criteo_pubtag_prebid_105 object| Criteo_prebid_105 object| google_image_requests object| freewheelssp_cache object| closure_lm_751945 object| closure_lm_68256 object| closure_lm_535850 object| closure_lm_337544 object| closure_lm_434978 object| closure_lm_491436 function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

11 Cookies

Domain/Path Name / Value
m.creaders.net/ Name: _pubcid
Value: c4dd965c-5753-4c12-84c0-a21aafff6fca
m.creaders.net/ Name: sf_ck_tst
Value: test
m.creaders.net/ Name: __vliIPL
Value: {"value":["2a01:4f8:192:5414::2"],"expiredAt":1627956753401}
.creaders.net/ Name: __utmt
Value: 1
.creaders.net/ Name: __utmz
Value: 77545162.1627949553.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.creaders.net/ Name: __utmc
Value: 77545162
.creaders.net/ Name: __asc
Value: a3b8213917b095ad455655ef5cd
.creaders.net/ Name: __auc
Value: a3b8213917b095ad455655ef5cd
.creaders.net/ Name: __utmb
Value: 77545162.1.10.1627949553
.creaders.net/ Name: __utma
Value: 77545162.332785264.1627949553.1627949553.1627949553.1
.creaders.net/ Name: __qca
Value: P0-862345634-1627949552317

8 Console Messages

Source Level URL
Text
console-api warning URL: https://m.creaders.net/main.js(Line 1)
Message:
localStorage is not available.
console-api error URL: https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://m.creaders.net/polyfills.js(Line 1)
Message:
Unhandled Promise rejection: Cannot read property 'getItem' of null ; Zone: <root> ; Task: Promise.then ; Value: TypeError: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at e.value (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:384:6667) at e.value (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:429:349) at e.<anonymous> (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:454:13) at c (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:233:50) at Generator._invoke (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:231:219) at Generator.next (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:237:252) at u (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:343:150) at s (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:345:123) at https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:347:1 at new e (https://m.creaders.net/polyfills.js:1:14906)
console-api error URL: https://m.creaders.net/polyfills.js(Line 1)
Message:
Unhandled Promise rejection: Cannot read property 'getItem' of null ; Zone: <root> ; Task: Promise.then ; Value: TypeError: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at e.value (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:384:6667) at e.value (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:429:349) at e.<anonymous> (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:454:13) at c (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:233:50) at Generator._invoke (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:231:219) at Generator.next (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:237:252) at u (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:343:150) at s (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:345:123) at https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:347:1 at new e (https://m.creaders.net/polyfills.js:1:14906)
console-api error URL: https://m.creaders.net/polyfills.js(Line 1)
Message:
Unhandled Promise rejection: Cannot read property 'getItem' of null ; Zone: <root> ; Task: Promise.then ; Value: TypeError: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at e.value (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:384:6667) at e.value (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:429:349) at e.<anonymous> (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:454:13) at c (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:233:50) at Generator._invoke (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:231:219) at Generator.next (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:237:252) at u (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:343:150) at s (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:345:123) at https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:347:1 at new e (https://m.creaders.net/polyfills.js:1:14906)
console-api error URL: https://m.creaders.net/polyfills.js(Line 1)
Message:
Unhandled Promise rejection: Cannot read property 'getItem' of null ; Zone: <root> ; Task: null ; Value: TypeError: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at e.value (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:384:6667) at e.value (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:429:349) at e.<anonymous> (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:454:13) at c (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:233:50) at Generator._invoke (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:231:219) at Generator.next (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:237:252) at u (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:343:150) at s (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:345:123) at https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:347:1 at new e (https://m.creaders.net/polyfills.js:1:14906)
console-api error URL: https://m.creaders.net/polyfills.js(Line 1)
Message:
Unhandled Promise rejection: Cannot read property 'getItem' of null ; Zone: <root> ; Task: null ; Value: TypeError: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at e.value (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:384:6667) at e.value (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:429:349) at e.<anonymous> (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:454:13) at c (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:233:50) at Generator._invoke (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:231:219) at Generator.next (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:237:252) at u (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:343:150) at s (https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:345:123) at https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js:347:1 at new e (https://m.creaders.net/polyfills.js:1:14906)
console-api warning URL: https://player.hb.selectmedia.asia/prebidlink/452208/hb_310028_7816.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

295dab7ef5d8603e8bb9a64fa14a2f02.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ap.lijit.com
assets.bilsyndication.com
bidder.criteo.com
biltag.bilsyndication.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.jsdelivr.net
certify.alexametrics.com
cguke-9h64o.ads.tremorhub.com
cguke-lp2na.ads.tremorhub.com
cm.g.doubleclick.net
d.adroll.com
d31qbv1cthcecs.cloudfront.net
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
edge.quantserve.com
eus.rubiconproject.com
fonts.googleapis.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs-simple.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
m.creaders.net
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
maxcdn.bootstrapcdn.com
ms.quantumdex.io
nep.advangelists.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
play.selectmedia.asia
player.hb.selectmedia.asia
player.selectmedia.asia
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.ad.smaato.net
pub.creaders.net
px.owneriq.net
px.vliplatform.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.adentifi.com
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
services.bilsyndication.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.bilsyndication.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.search.spotxchange.com
sync.teads.tv
targeting.unrulymedia.com
tg1.selectmedia.asia
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
useast.quantumdex.io
www.creaders.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ads.stickyadstv.com
104.109.78.125
104.111.242.245
104.111.242.53
13.224.90.44
13.224.96.14
13.224.96.58
13.248.242.197
135.125.8.70
142.250.181.226
147.75.38.124
151.101.13.108
151.101.14.49
169.50.137.190
178.162.133.149
178.250.0.165
18.197.99.6
18.214.253.211
184.31.84.150
185.183.112.155
185.184.8.65
185.29.132.245
185.33.220.240
185.64.189.112
185.64.189.115
185.94.180.124
185.94.180.126
192.132.33.46
2.18.233.180
2.18.234.21
2.18.234.233
2001:678:cb4:bbbb::11
213.174.135.2
213.19.147.43
213.19.147.44
216.52.2.48
216.58.212.130
216.58.212.162
2600:1f18:612b:4200:b54f:a79a:adff:b87e
2600:9000:2190:5800:6:44e3:f8c0:93a1
2606:4700:10::6816:1758
2606:4700:20::681a:24e
2606:4700:21::681b:ce5c
2606:4700::6812:bcf
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00::210:bb19
2a02:26f0:6c00::210:bb90
2a02:fa8:8806:13::1370
2a04:4e42:3::485
3.126.56.137
3.127.106.123
3.230.242.93
34.234.42.43
34.98.64.218
35.157.246.167
35.158.223.21
35.241.40.233
35.82.150.30
37.157.4.40
37.252.172.45
37.252.173.22
5.178.65.246
51.89.9.251
52.1.142.100
52.29.183.32
52.30.92.119
52.31.250.1
52.43.139.3
52.44.64.106
52.46.154.242
52.59.115.28
52.71.142.200
54.155.97.90
54.171.168.191
54.36.109.49
66.155.71.150
69.173.144.138
04e7904cb250fb37f8402f9c67f588c7404b0cf76bd753b607c970ab38275d97
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
089ef98e65d91d422c6362c9788c543ac09f64b016f4e92c1d23df83885d5b00
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ef53677e97b7c0aaa68a9d7e0c3632641480ed0fb28d1982cd0dbca61a55346
0fc0c150eaf673f2893cce5a647c66211c05c126bf26d27300f536c3d6283a87
11714d3e85e2692d3b0e9cb5ad5cec7cb34ebd07e3205b3e9293f844d65d8e59
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1
16665f1d9ec61278f754f95e44463749af88e7d6bc202bdd5143adfd2f197cf1
16804cb00c0df0889ea7744cc8ff04404520f5962e07450938533c4f1fdafad9
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1c78f996eb0fd293fde064129eb76e6d1e6959278ef3761d25bb2beb9b3d0c2a
1d34015323a359b69827f8ea3e943806543dade0169d9687485c2d795c4eaff1
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
233da2b2a1b9c34d46047548a7ac9700898be13fe420719099a13dc7e923206f
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
2552b28a99ec5e0b1e46cdd2f9c989abd7ea21f8c4a03b16c25e3b3ced2771f7
26736ea9bd02f1b9bfe69c088d8a9769ff423801400d038834674aff4bf7aaaa
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2a6dddb94c7d3eec3ebdfeccfe224df75d5a7d659a44c299c6ef965d83b0b457
30e075d3f06d246537205c33de00164ddc2997625fcbaed7c2f6ab87f5035727
312e3648f242c78cd6f00047b4491c33b964ea369575d39b924d14bbf34f3b9a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
338dfc3ffc84dfdc9df995e508fcaf1a15777cffd4be395120828493d455a82d
34555959bac38c5b6336fecdeaa872de31c9c8173dfb14c5c3b397cb4007e6fd
34ce1765d8c00898813eb90fc4e527a4054f7023b8f44686c58c3fc51a2b3d19
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37ce288c7515b31536e66d76bba32b7dc54eef765d3a31be56b2a13842b1335b
3b0825b3dba5a7872720c9e90c0d96bf1cb6134b56e68c813eade9b03bf39884
3b0e18ca5bd168454ac6d5620e591f97867a7db993d1b42c9bd2d307631365ef
3b75a8397ac1524344170247685676db74881aedaae13c0e0000ec4e15c96fd7
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4167815fe9f5c51ef807be10a1677c9a743ee4653190d9d6a1f4f7723b95c4bc
41c9ab098c52fb0a119002a1a1721b555823537a66ec5e1194371ead7fb00c2a
4260d73aaa2e514150df8d01f7af76cde383fba1fc524ac469f3512ec6ddbdeb
4684e513c977616547f2ac8198467b9bae9f65f5fb4fd8c963626e85f2d9810d
469de99b6c632e00c967846fbe9cd4133d163db31d8fa3835c4ef5ef6ed6b202
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54599cc22f8debc1020c15a634ac231ae6587e14da2795debfd92917c78a9419
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ca39075437ff95abc60b681fc44ce3ac44c13eaee3fee236a2c5c483caeb54
56db4297ab55afe95b1537cb071dfadeb09aa76a53dd483e7cd60046ba39aaa4
5743ed63aae3df0518af28d321d5b89d3e2c18186e95ed881e76a827ca11897e
5872835a3d95b64412777285d9e45733e9f3d6276dc02fc815a31211251d0909
5912b60ea081dc4d4126db35fa2d560b0f7fbfc5e99bb928645cbbfca19ceda1
5b2a765691b3e18c0d36da2361a9ee5023df284a154d55cb963550f841134955
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
60f038994fd542f86289f531b86d5d553b016540e205d70ce094323ebee91397
62290156a07fc7cfde54501840f4b04fcc9561d8d9ccb0e725b269b78e00fe44
627308ed8266245540c081146b61cb73f667d27f155e48476f40e98ec9e78726
63267fd5b37eaf6c57c16985e8a32a003b652263e621bfb697708efde4e96427
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
68e88c4d757d9560ccd16e542c59d911c68a3eb533c8ea264fa2ff787e13a0b6
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6f349ceb3608a039aa878779bfd37599ef95f04101811d090a34492ff1a190
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c90a1ca2e34b39a58236f7b681002b316ef364184611c5e8ede3a27e2ca23b1
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
7082a507f2c4b3dcf0be67afead1d93f6702a9d541a1476fe8ef7e46acbbb355
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
815f00195441950cd1b6668b822f7d67ac4168b35a80d6ec42d50d5ae6fd3082
818e56949b0177aceb969f43c010b2af4d1186882781b882e834125ed414cb61
820940626c8b0ea4d61278c472b9f3f4b02358cbba4c85c0bb22c1d14584b806
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b78e763e109b39d487ca1672679f764a3e77fcf89982fd918685d74d1b8e22
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
860b5e091460d215bed614dc09546612002a6dc4db5225961adabfc374ad49e1
875597d402e0b2512581fa0f83fa3d7260df414140d55bb00788f4e6822fa850
88562af634ddc583a31996ccea617ae7dd4035eaf4116e579d939643d690a077
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b4b138fa28d47263437258de17e1bb10a7e2304f1747dd45f5296b1b277c671
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d54ca529d86918310923e81f3a2e5bcf03ecba725c6054c4338ce9efa41908d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5183861467c8b45fb88cc8faf938f35da862db8027e40b7058d9c0b3a55e80
8e8e7a24d39696f203b4eaf83f0cb2539eac81422bd5533cf62eb44f7e8005ae
90075abda85ddcfd1af5057fd5519d9b66772dac6e910fa4d8b03b5b8d840231
908989c7f882114d193e7d09a0aababaa0e1bbba442cb0fe5549486e3e9a0f65
919c7eb4514a5da96aae31deab9a533b2e557f3b0998ced97176dfff42afd065
933f1b4a2a9e6a65b1e070e68c58ea3fce47e3c82ef82718e7ead70cb58cd20a
93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66
951b9d54e85a14f53cd4d47a0580e5917b1b9f8196ba1ec87eed70106f267b33
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401
9dbdb2f24e97594dfcd47d2d571707fb671ba44ebf94948a43cc437598778bb8
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
9e7e21694a4375d38b1c03f93e628613a9b92e19c7bf385022eb67b958fcd497
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1ddbccb365daed46e9ca111f287c4f35497b03e7003cf1e55f13fd8e3637e72
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e2794ef4a8f5e410ed5b95405f174715b1ecd3c93a751d2c2f9a4743c14fc3
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adc4f60a9e40bc202a8bf0c07c7d086a2174e33e8d76bdc42e38713b67426744
af8ffb508f5906b156a74613333854a1dc4bf1e19879e02790e10036c77794a1
afe45c73e6119220f69f339a87a228cd301307a75e33442a685e550ec06cab06
b044471878a46c5c4c811e99d8f6af50ccdb9fc81a31e9163ec937d29948ace9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381
b3f1bdf75dcc33fd124ac4ee83d7f6029f857efbf84f3a111e6708fcfb26a352
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
b51b0c63fb8a8ef6c8cd658afc93c4aee286349fc2efc02f9c3a0effa4aea2c2
b567f5736520c84179b0684dbce090dafcad6541e0fcee4235583e0aa73b326f
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bfbcd9965ad278372d66161e953e159e6e56858d6ec36ebcfb26a09ee764055f
bff684b48da4b1a296fd4a57fe3c6c6b5e95025296553bc2cc363f6a31717e9d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c26b66f4c5b2fc2c130367ddebfa529c1343fd6a64a9e2f381d032d35c8972c5
c26bfe514688318c122c110afdfc82ba7d0948ee41f3ca03f3a174db7ffca298
c29162cd07f825095482d330c88678423ee77175540ad69a62984eee961a163d
c33e931153a5d48ac0f9521179fc8086b3bae8e217e47b7b2f55b02fa3dec5bd
c36dc2640916d6a9d9b1a895fbd674414b1d4ed8bb5007633cb265de0f771e5f
c3a7e92d6ee5f0130be8d10898e2e3c229047ef9ea20c79c451d6c59dc6e6ce7
c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a
c4fe2e1949f772109d1de1db0084535559215acd2c4f21dc503b9a90c8d5ead5
c75d0455a9310b7ba49a953d2b120fa2e2a4ee20beda6ee243061c5f3ca54103
c85b7499f7382756185eaf0337da3566eea67ec6d6a10557c5e5459a986bb6e5
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9
cc7baf59a4090383aed76a310bd0302f2266266bafc1037f726bad827c91f5c8
cdc61996e89dc15e0cff13b297928b007d19b2a99198bfdcb6e3ede0bbe7f1db
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d340b641c9f01093c3b4805b0c1c998308598c1e8623dbfeb5ee87d0947ae089
d61e09b46fa549634a23ddd9fd43e90b30653a85cc007f0fc2002489fd15f215
d819c737da08dddc192a8ad4356254b140e891f65d2024d555265ae3bd85b013
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de064ab8cd36768f0460c6403a8e7d705508e908503a7a7108942b8b079fddee
de9c099ca6fc03f9f982a3c26d5e54d90657cc0ed578823a90ee62324bbf9124
e36d1b83491c43796030bbfdb1dc1ff78187a85427529e132a99e2a129bb07aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c8dd59015cc0c825903b855a81c58bacac310e2144b6dd744a25f11492c715
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e7364e5e973e81c591f0867212a2732e476b633c40c69f97912b5c6d2b7daa9b
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
e821ee7d19a68643b9473143ddd75595a5081434fedea1562c1f794f6b4fd17f
eb48ef7f0ddf941f53d17b738f91ee6a89669fc1a4eb93b0ef29abd28a0ca6ef
ed112bbf522919fb3586f214a11b5c3f941e3ed614d5a3b87426c433847097af
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef24a40bd07a06666b9894e4e4457c4a3ab67f012dd9d81f7abd3dc9c73a5d0e
f0cc03e398cd8fab46b51c0e20f782dd41b27fb1555efcda3f6f2b8b7c14a388
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f90acd9088f31a57f9c8b142bc205164a2001ead5fff1a4949f5808382820fb5
fb105dc2733636d73aaba6ed594c1739bde3b959da35e065364e9bf566a171e3
fb84ccee7e98b50c4725b5cf6b7df76b5382ef6af815ec403d9c95365c1d1e41
fd7f9ad5d0df00744057ee4c4239e9e03e5fcf0167dbee5615f65ddaceb7e10c
fe376626e35270fa60cf647c476851387d93440816777c74fce6437e273ef612