urlscan.io logo urlscan.io
SecurityTrails logo

heman.monster Open in urlscan Pro
194.5.94.117  Public Scan

Go To Rescan Add Verdict Report
URL: http://heman.monster/
Submission: On October 11 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 75 IPs in 12 countries across 52 domains to perform 366 HTTP transactions. The main IP is 194.5.94.117, located in Russian Federation and belongs to NFORCE, NL. The main domain is heman.monster.
This is the only time heman.monster was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 194.5.94.117 43350 (NFORCE)
88 2606:4700:20:... 13335 (CLOUDFLAR...)
6 13.225.78.47 16509 (AMAZON-02)
15 216.58.207.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.225.78.74 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 192.229.233.175 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a03:2880:f01... 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.225.78.112 16509 (AMAZON-02)
1 1 72.21.202.25 16509 (AMAZON-02)
1 99.84.185.71 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f11... 32934 (FACEBOOK)
3 151.101.112.134 54113 (FASTLY)
1 143.204.101.51 16509 (AMAZON-02)
1 23.43.115.95 20940 (AKAMAI-ASN1)
2 151.101.13.194 54113 (FASTLY)
7 37.252.161.184 29990 (ASN-APPNEXUS)
13 185.33.223.83 29990 (ASN-APPNEXUS)
11 104.16.68.69 13335 (CLOUDFLAR...)
6 2.16.186.104 20940 (AKAMAI-ASN1)
6 178.250.2.152 44788 (ASN-CRITE...)
6 185.64.189.112 62713 (AS-PUBMATIC)
6 216.52.2.48 29791 (VOXEL-DOT...)
2 13 2.18.232.7 16625 (AKAMAI-AS)
6 178.162.133.150 60781 (LEASEWEB-...)
4 3.224.229.132 14618 (AMAZON-AES)
1 13 34.95.120.147 15169 (GOOGLE)
6 35.156.206.192 16509 (AMAZON-02)
6 69.173.144.143 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2.16.186.51 20940 (AKAMAI-ASN1)
1 74.217.253.90 10913 (INTERNAP-BLK)
8 2a00:1450:400... 15169 (GOOGLE)
1 54.194.74.35 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 74.217.253.70 10913 (INTERNAP-BLK)
5 2a00:1450:400... 15169 (GOOGLE)
4 37.157.2.239 198622 (ADFORM)
4 2.18.235.40 16625 (AKAMAI-AS)
1 69.173.144.152 26667 (RUBICONPR...)
2 37.157.5.73 198622 (ADFORM)
3 11 212.77.99.29 12827 (WIRTUALNA...)
1 23.21.40.106 14618 (AMAZON-AES)
1 35.176.107.49 16509 (AMAZON-02)
1 3.10.83.173 16509 (AMAZON-02)
2 104.109.78.125 20940 (AKAMAI-ASN1)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 176.9.179.57 24940 (HETZNER-AS)
1 143.204.101.111 16509 (AMAZON-02)
4 23.58.219.40 16625 (AKAMAI-AS)
1 2 212.77.100.82 12827 (WIRTUALNA...)
1 178.250.2.130 44788 (ASN-CRITE...)
10 151.101.13.108 54113 (FASTLY)
5 2.18.233.180 16625 (AKAMAI-AS)
5 178.162.133.149 60781 (LEASEWEB-...)
5 5 143.204.101.27 16509 (AMAZON-02)
1 7 52.57.118.141 16509 (AMAZON-02)
4 2600:9000:215... 16509 (AMAZON-02)
1 2.16.186.89 20940 (AKAMAI-ASN1)
1 4 2.18.233.40 16625 (AKAMAI-AS)
14 17 46.137.101.139 16509 (AMAZON-02)
2 2 52.28.145.127 16509 (AMAZON-02)
1 35.157.201.139 16509 (AMAZON-02)
1 2.18.234.21 16625 (AKAMAI-AS)
1 69.173.144.136 26667 (RUBICONPR...)
1 3 151.101.14.2 54113 (FASTLY)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
1 52.28.211.49 16509 (AMAZON-02)
1 35.190.72.21 15169 (GOOGLE)
1 1 172.217.18.2 15169 (GOOGLE)
366 75
1    194.5.94.117 (Russian Federation)

ASN43350 (NFORCE, NL)
PTR: mail.heman.monster
heman.monster
88    2606:4700:20::681a:8d2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.livingrichwithcoupons.com
6    13.225.78.47 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-47.fra2.r.cloudfront.net
ads.adthrive.com
15    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
1    13.225.78.74 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-74.fra2.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
2    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
6    192.229.233.175 (Los Angeles, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
i.po.st
3    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
7    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
1    2606:4700:10::6814:3677 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.pushcrew.com
1    13.225.78.112 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-112.fra2.r.cloudfront.net
certify.alexametrics.com
1    72.21.202.25 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
cloudfront-labs.amazonaws.com
1    99.84.185.71 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-99-84-185-71.iad89.r.cloudfront.net
a25666e982826db5b043e18a888741f57.profile.iad89-c2.cloudfront.net
6    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
5    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
3    151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
livingrichwithcoupons.disqus.com
1    143.204.101.51 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-51.fra50.r.cloudfront.net
logger.adthrive.com
1    23.43.115.95 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-43-115-95.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
2    151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
clarium.global.ssl.fastly.net
7    37.252.161.184 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: prebid.ams1.adnexus.net
prebid.adnxs.com
13    185.33.223.83 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
11    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
dmx.districtm.io
cdn.districtm.io
6    2.16.186.104 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-104.deploy.static.akamaitechnologies.com
as.casalemedia.com
6    178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
6    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
hbopenbid.pubmatic.com
6    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)
ap.lijit.com
13    2.18.232.7 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
sync.teads.tv
6    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
4    3.224.229.132 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-224-229-132.compute-1.amazonaws.com
hb.undertone.com
13    34.95.120.147 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com
cafemedia-d.openx.net
eu-u.openx.net
us-u.openx.net
6    35.156.206.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-206-192.eu-central-1.compute.amazonaws.com
tlx.3lift.com
6    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com
1    2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
4    2.16.186.51 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-51.deploy.static.akamaitechnologies.com
b.scorecardresearch.com
1    74.217.253.90 (United States)

ASN10913 (INTERNAP-BLK - Internap Corporation, US)
po.st
8    2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
1    54.194.74.35 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-74-35.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
11    2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
1    2404:6800:400a:80b::2003 (Australia)

ASN15169 (GOOGLE - Google LLC, US)
csi.gstatic.com
1    74.217.253.70 (United States)

ASN10913 (INTERNAP-BLK - Internap Corporation, US)
p.po.st
5    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
pagead2.googlesyndication.com
4    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
4    2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    69.173.144.152 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
beacon-eu2.rubiconproject.com
2    37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
11    212.77.99.29 (Gdańsk, Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ads.businessclick.com
ads.businessclick.com
bc.wp.pl
1    23.21.40.106 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-21-40-106.compute-1.amazonaws.com
stats.aws.rubiconproject.com
1    35.176.107.49 (London, United Kingdom)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-176-107-49.eu-west-2.compute.amazonaws.com
mb.moatads.com
1    3.10.83.173 (London, United Kingdom)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-10-83-173.eu-west-2.compute.amazonaws.com
geo.moatads.com
2    104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a02:26f0:10c:39a::1349 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
code.createjs.com
2    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    176.9.179.57 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.57.179.9.176.clients.your-server.de
beta.pocketads.pl
1    143.204.101.111 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-111.fra50.r.cloudfront.net
images.thefirstnews.com
4    23.58.219.40 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-58-219-40.deploy.static.akamaitechnologies.com
rubiconproject883925.s.moatpixel.com
2    212.77.100.82 (Gdańsk, Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: dot.wp.pl
dot.wp.pl
1    178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
10    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
acdn.adnxs.com
5    2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
5    143.204.101.27 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-27.fra50.r.cloudfront.net
ib.3lift.com
7    52.57.118.141 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-118-141.eu-central-1.compute.amazonaws.com
eb2.3lift.com
4    2600:9000:2156:6600:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
cdn.undertone.com
1    2.16.186.89 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-89.deploy.static.akamaitechnologies.com
a.adroll.com
4    2.18.233.40 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com
s.adroll.com
17    46.137.101.139 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-46-137-101-139.eu-west-1.compute.amazonaws.com
d.adroll.com
2    52.28.145.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-145-127.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    35.157.201.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-201-139.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
pixel.rubiconproject.com
3    151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
sync.outbrain.com
trc.taboola.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
simage2.pubmatic.com
1    2a00:1288:110:c305::9000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
ads.yahoo.com
1    52.28.211.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-211-49.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com
idsync.rlcdn.com
1    172.217.18.2 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f2.1e100.net
cm.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
88 livingrichwithcoupons.com
www.livingrichwithcoupons.com
707 KB
30 adnxs.com
prebid.adnxs.com
ib.adnxs.com
acdn.adnxs.com
18 KB
22 adroll.com
a.adroll.com
s.adroll.com
d.adroll.com
26 KB
18 3lift.com
tlx.3lift.com
ib.3lift.com
eb2.3lift.com
6 KB
17 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
126 KB
13 openx.net
cafemedia-d.openx.net
eu-u.openx.net
us-u.openx.net
2 KB
13 teads.tv
a.teads.tv
sync.teads.tv
2 KB
12 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
simage2.pubmatic.com
1 KB
11 ampproject.org
cdn.ampproject.org
527 KB
11 googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
1 KB
11 rubiconproject.com
fastlane.rubiconproject.com
beacon-eu2.rubiconproject.com
stats.aws.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
11 KB
11 sonobi.com
apex.go.sonobi.com
sync.go.sonobi.com
6 KB
11 districtm.io
dmx.districtm.io
cdn.districtm.io
726 B
10 businessclick.com
ads.businessclick.com
203 KB
8 undertone.com
hb.undertone.com
cdn.undertone.com
2 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
226 KB
8 po.st
i.po.st
po.st
p.po.st
54 KB
7 casalemedia.com
as.casalemedia.com
dsum-sec.casalemedia.com
6 KB
7 adthrive.com
ads.adthrive.com
logger.adthrive.com
210 KB
6 moatads.com
z.moatads.com
mb.moatads.com
geo.moatads.com
px.moatads.com
97 KB
6 adform.net
track.adform.net
s1.adform.net
44 KB
6 lijit.com
ap.lijit.com
3 KB
6 criteo.com
bidder.criteo.com
852 B
6 facebook.com
staticxx.facebook.com
www.facebook.com
731 B
6 facebook.net
connect.facebook.net
278 KB
5 scorecardresearch.com
sb.scorecardresearch.com
b.scorecardresearch.com
4 KB
4 moatpixel.com
rubiconproject883925.s.moatpixel.com
2 KB
3 wp.pl
bc.wp.pl
dot.wp.pl
1 KB
3 disqus.com
livingrichwithcoupons.disqus.com
3 KB
3 google-analytics.com
www.google-analytics.com
35 KB
3 google.com
adservice.google.com
www.google.com
1 KB
2 outbrain.com
sync.outbrain.com
699 B
2 yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
1 KB
2 advertising.com
pixel.advertising.com
720 B
2 googleapis.com
fonts.googleapis.com
1 KB
2 googletagservices.com
www.googletagservices.com
57 KB
2 fastly.net
clarium.global.ssl.fastly.net
34 KB
2 cloudfront.net
d31qbv1cthcecs.cloudfront.net
a25666e982826db5b043e18a888741f57.profile.iad89-c2.cloudfront.net
2 KB
1 rlcdn.com
idsync.rlcdn.com
40 B
1 bidswitch.net
x.bidswitch.net
212 B
1 taboola.com
trc.taboola.com
261 B
1 criteo.net
static.criteo.net
14 KB
1 thefirstnews.com
images.thefirstnews.com
12 KB
1 pocketads.pl
beta.pocketads.pl
923 B
1 createjs.com
code.createjs.com
48 KB
1 gumgum.com
g2.gumgum.com
1018 B
1 googletagmanager.com
www.googletagmanager.com
48 KB
1 amazonaws.com
cloudfront-labs.amazonaws.com
220 B
1 alexametrics.com
certify.alexametrics.com
552 B
1 pushcrew.com
cdn.pushcrew.com
74 KB
1 google.de
adservice.google.de
656 B
1 heman.monster
heman.monster
147 KB
366 52
Domain Requested by
88 www.livingrichwithcoupons.com heman.monster
www.livingrichwithcoupons.com
17 d.adroll.com 14 redirects a.adroll.com
15 securepubads.g.doubleclick.net ads.adthrive.com
securepubads.g.doubleclick.net
heman.monster
13 ib.adnxs.com ads.adthrive.com
11 cdn.ampproject.org securepubads.g.doubleclick.net
clarium.global.ssl.fastly.net
10 acdn.adnxs.com ads.adthrive.com
10 ads.businessclick.com 2 redirects heman.monster
code.createjs.com
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
heman.monster
clarium.global.ssl.fastly.net
cdn.ampproject.org
7 eb2.3lift.com 1 redirects ads.adthrive.com
7 sync.teads.tv 2 redirects ads.adthrive.com
7 prebid.adnxs.com ads.adthrive.com
6 eu-u.openx.net 1 redirects ads.adthrive.com
6 fastlane.rubiconproject.com ads.adthrive.com
6 tlx.3lift.com ads.adthrive.com
6 cafemedia-d.openx.net ads.adthrive.com
6 apex.go.sonobi.com ads.adthrive.com
6 a.teads.tv ads.adthrive.com
6 ap.lijit.com ads.adthrive.com
6 hbopenbid.pubmatic.com ads.adthrive.com
6 bidder.criteo.com ads.adthrive.com
6 as.casalemedia.com ads.adthrive.com
6 dmx.districtm.io ads.adthrive.com
6 fonts.gstatic.com heman.monster
code.createjs.com
6 connect.facebook.net heman.monster
connect.facebook.net
6 i.po.st heman.monster
i.po.st
6 ads.adthrive.com heman.monster
ads.adthrive.com
5 cdn.districtm.io ads.adthrive.com
5 ib.3lift.com 5 redirects
5 sync.go.sonobi.com ads.adthrive.com
5 ads.pubmatic.com ads.adthrive.com
5 www.facebook.com heman.monster
connect.facebook.net
4 s.adroll.com 1 redirects s.adroll.com
4 cdn.undertone.com ads.adthrive.com
4 rubiconproject883925.s.moatpixel.com heman.monster
4 track.adform.net clarium.global.ssl.fastly.net
s1.adform.net
4 b.scorecardresearch.com 1 redirects heman.monster
i.po.st
4 hb.undertone.com ads.adthrive.com
3 pagead2.googlesyndication.com heman.monster
3 px.moatads.com heman.monster
3 livingrichwithcoupons.disqus.com www.livingrichwithcoupons.com
livingrichwithcoupons.disqus.com
3 www.google-analytics.com heman.monster
2 sync.outbrain.com 1 redirects
2 pixel.advertising.com 2 redirects
2 dot.wp.pl 1 redirects heman.monster
2 fonts.googleapis.com heman.monster
2 eus.rubiconproject.com heman.monster
ads.adthrive.com
2 s1.adform.net clarium.global.ssl.fastly.net
s1.adform.net
2 www.googletagservices.com securepubads.g.doubleclick.net
clarium.global.ssl.fastly.net
2 clarium.global.ssl.fastly.net ads.adthrive.com
heman.monster
2 www.google.com heman.monster
www.gstatic.com
1 cm.g.doubleclick.net 1 redirects
1 us-u.openx.net
1 idsync.rlcdn.com
1 x.bidswitch.net
1 trc.taboola.com
1 ads.yahoo.com 1 redirects
1 simage2.pubmatic.com
1 pixel.rubiconproject.com
1 dsum-sec.casalemedia.com
1 ups.analytics.yahoo.com
1 a.adroll.com heman.monster
1 static.criteo.net ads.adthrive.com
1 images.thefirstnews.com heman.monster
1 beta.pocketads.pl 1 redirects
1 bc.wp.pl 1 redirects
1 code.createjs.com heman.monster
1 geo.moatads.com z.moatads.com
1 mb.moatads.com z.moatads.com
1 stats.aws.rubiconproject.com heman.monster
1 beacon-eu2.rubiconproject.com heman.monster
1 z.moatads.com clarium.global.ssl.fastly.net
1 p.po.st heman.monster
1 csi.gstatic.com cdn.ampproject.org
1 stats.g.doubleclick.net heman.monster
1 g2.gumgum.com ads.adthrive.com
1 po.st i.po.st
1 www.googletagmanager.com heman.monster
1 sb.scorecardresearch.com ads.adthrive.com
1 logger.adthrive.com ads.adthrive.com
1 www.gstatic.com www.google.com
1 a25666e982826db5b043e18a888741f57.profile.iad89-c2.cloudfront.net heman.monster
1 cloudfront-labs.amazonaws.com 1 redirects
1 certify.alexametrics.com heman.monster
1 staticxx.facebook.com connect.facebook.net
1 cdn.pushcrew.com heman.monster
1 d31qbv1cthcecs.cloudfront.net heman.monster
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 heman.monster www.livingrichwithcoupons.com
366 89
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-06-30 -
2020-06-29		 a year crt.sh
*.adthrive.com
Amazon		 2019-08-31 -
2020-09-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
www.google.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.po.st
COMODO RSA Domain Validation Secure Server CA		 2018-12-17 -
2019-12-17		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-09-22 -
2019-12-20		 3 months crt.sh
*.pushcrew.com
Go Daddy Secure Certificate Authority - G2		 2019-07-23 -
2021-07-31		 2 years crt.sh
certify.alexametrics.com
Amazon		 2019-07-26 -
2020-08-26		 a year crt.sh
*.profile.iad89-c2.cloudfront.net
Amazon		 2018-12-11 -
2020-01-11		 a year crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2018-03-28 -
2020-04-27		 2 years crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-28 -
2019-12-26		 a year crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-01-02 -
2020-01-03		 a year crt.sh
prebid.adnxs.com
GeoTrust RSA CA 2018		 2019-03-25 -
2021-05-20		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
districtm.io
CloudFlare Inc ECC CA-2		 2019-03-26 -
2020-03-26		 a year crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2019-08-13 -
2020-08-12		 a year crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2019-03-28 -
2020-04-01		 a year crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2019-03-11 -
2020-05-10		 a year crt.sh
teads.tv
Let's Encrypt Authority X3		 2019-08-22 -
2019-11-20		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2019-02-01 -
2021-02-04		 2 years crt.sh
*.undertone.com
Amazon		 2019-02-07 -
2020-03-07		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
*.3lift.com
Amazon		 2019-07-17 -
2020-08-17		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.gumgum.com
Amazon		 2019-07-31 -
2020-08-31		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
moatads.com
DigiCert ECC Secure Server CA		 2018-11-10 -
2020-02-09		 a year crt.sh
*.businessclick.com
RapidSSL RSA CA 2018		 2019-05-29 -
2020-06-27		 a year crt.sh
*.aws.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2017-11-21 -
2021-01-06		 3 years crt.sh
*.moatads.com
DigiCert SHA2 Secure Server CA		 2019-03-12 -
2021-06-10		 2 years crt.sh
ssl.adobe.com
DigiCert SHA2 Secure Server CA		 2019-09-20 -
2021-09-24		 2 years crt.sh
*.googleapis.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.thefirstnews.com
RapidSSL RSA CA 2018		 2019-04-17 -
2020-05-16		 a year crt.sh
*.wp.pl
RapidSSL RSA CA 2018		 2018-12-24 -
2020-02-22		 a year crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2019-03-26 -
2020-03-30		 a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-16 -
2020-05-16		 a year crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA		 2018-12-19 -
2020-03-19		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2019-05-08 -
2019-11-04		 6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-07-30 -
2020-07-25		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2019-04-17 -
2020-05-04		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-24 -
2020-04-23		 a year crt.sh

This page contains 58 frames:

Primary Page: http://heman.monster/
Frame ID: 72136BAEE069B762D79720168BD23CDE
Requests: 262 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 1531451CAD135F4BDBCA312F308CBB2D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduWfYSAAAAAEWTQT7rSlErJAhO9tsxCmfIJuQX&co=aHR0cDovL2hlbWFuLm1vbnN0ZXI6ODA.&hl=en&v=xw1jR43fRSpRG88iDviKn3qM&size=normal&cb=6g2ha7e7wrh4
Frame ID: EAF814E566ACA473174955D2B7FDC049
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 11877FDD31ADDE703D581838854176F1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Frame ID: 755EE67040EFF158704C9D3E994EB155
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Frame ID: C3B596DEE27A34A5341AD3FE8600CAB8
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Frame ID: 6296CE42C2B47FD9F8716821397B7B30
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/231910071804120/amp4ads-v0.js
Frame ID: 3049071158FD31B2DFBC228E8C934F68
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/231910071804120/amp4ads-v0.js
Frame ID: 6B5CC947681A585B6B0B1A70F7BECFCC
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 68587EAC46BDCCE7A34F3D39D74B65DB
Requests: 1 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=mOinGM9MTu5v-Lto835XLhlrSPY&tpid=bU9pbkdNOU1UdTV2LUx0bzgzNVhMaGxyU1BZL3J1Ymljb246MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6ImJVOXBia2ROT1UxVWRUVjJMVXgwYnpnek5WaE1hR3h5VTFCWkwzSjFZbWxqYjI0Nk16QXdlREkxTUE9PSIsIndkIjp7ImsuaGJfYmlkZGVyIjoicnViaWNvbiIsImsuaGJfc2l6ZSI6IjMwMHgyNTAifSwid3IiOjd9
Frame ID: C148780F046EF0898781DFA045D10BD1
Requests: 21 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 9972805A6A005601B04EEAE175B3B772
Requests: 1 HTTP requests in this frame

Frame: https://code.createjs.com/createjs-2015.11.26.min.js
Frame ID: 77A27EE9123CFC85D92C70AB88CB3976
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 9648E9FA342F7CAE3F4CD9B4CBD5E4EA
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
Frame ID: AB5ED57E2B0A6172BF029524BC2BCD67
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 6E77D1F50F735105FC90B91A3DE33A91
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe/redirect?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
Frame ID: C3E2958EC51CF8989CED9FB25C953F81
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 57CCA0C9DD83D3C60BEEA9D52645143F
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=3f0e51cba3
Frame ID: 4A2B356217A7732DB1B780CA6F2DCC0E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 080E58F726E95078FAA3EAA23F1664CC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 73869E1A266EF5C9175AF4BF880A446E
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe/redirect?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
Frame ID: CCBD58CF262A11D04A6EA254F8797EFA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 95226BBB0F752F909D188FFF244C3A4E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2FC74108A9525F34A43374DE14772A90
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Frame ID: 726D0824C29A08EBFDB7D8BDBBE79FB5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 3434C98A3BCCC162B4F9E0BDACF9C64C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: DD9A2A2371F437C3A72245D4832C62F1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 97016F9ED76224B24BBC4C6772AFB202
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: FDB5530FCA9CC935CC8DC0C0A28FD02B
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
Frame ID: F93C8087745DE626C9EB38198A469F52
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Frame ID: 1D1D5F291B5451BC5E44AA313CD982B4
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
Frame ID: F5E97E4269A1731B1E6973F2E432225C
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=3f0e51cba3
Frame ID: BE9EE5E7E85575208A6468DD3BA63453
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7101A9444C99CAB7499880ECA617D414
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=3f0e51cba3
Frame ID: 75037E05F13030860BC71CB027172F44
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: B0661AB9160F534239313D4B34207BD0
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
Frame ID: 765BC885381F40A6F2DCE4308FF3DD1F
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: E1857169E4E16D7F6229F901BDD56D26
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D2D422AD57B914C280EC73DADE3D6EEF
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
Frame ID: 4A3F77B78FC859FE6CC890B2B9652029
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=3f0e51cba3
Frame ID: 72E27EC8335A619B4EDED7119E802E4F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 0C97139CC3FFCC3C9C6D4197093D8E7D
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=3f0e51cba3
Frame ID: D32A72FF326944DDE0F439AAA938BE03
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: DE8F86864F936E906675B145D3671D9F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 718BD79D739E53EDF8C9ABA4CCF70ACD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: E26840047C851F03979714FC54A87898
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 3FA45FC860A977ACBB864E372E72B81D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 332621D31BE883C73637B0939A427FF4
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 2A25389F1565CF9093D68B22DAD5BEAE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Frame ID: CBA9DEE4E3F607003F33DFD51F1E8209
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
Frame ID: DDF623D5E52BA34C353E4D57E4F58043
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 60A90C26C513B06596C09EC74627784E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 2EDF274E937D9C7A2C9B84D8973A9B5E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: D5486E61A8EB96EA62D2E95AF30AFDD6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Frame ID: 64603D1E27178456E53584825CBFCDE0
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
Frame ID: 5157938A5D936E3C0E7308F0CAF26E2D
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
Frame ID: 965FE714C48CFB7B593C55B37CF83C23
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 2857054B1D26FB67A2BF14D947AEB246
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

366
Requests

96 %
HTTPS

25 %
IPv6

52
Domains

89
Subdomains

75
IPs

12
Countries

3032 kB
Transfer

9167 kB
Size

33
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101
  • https://cloudfront-labs.amazonaws.com/x.png HTTP 302
  • https://a25666e982826db5b043e18a888741f57.profile.iad89-c2.cloudfront.net/test.png
Request Chain 167
  • https://b.scorecardresearch.com/b?c1=2&c2=20567959&ns__t=1570791201731&ns_c=UTF-8&cv=3.1e&c8=Printable%20Coupons%20-%20Grocery%20Coupons%20-%20Coupon%20Website%20-%20CouponsLiving%20Rich%20With%20Coupons%C2%AE&c7=http%3A%2F%2Fheman.monster%2F&c9= HTTP 302
  • https://b.scorecardresearch.com/b2?c1=2&c2=20567959&ns__t=1570791201731&ns_c=UTF-8&cv=3.1e&c8=Printable%20Coupons%20-%20Grocery%20Coupons%20-%20Coupon%20Website%20-%20CouponsLiving%20Rich%20With%20Coupons%C2%AE&c7=http%3A%2F%2Fheman.monster%2F&c9=
Request Chain 287
  • https://ads.businessclick.com/match/ HTTP 302
  • https://bc.wp.pl/match/eyJiY3RyYWNlIjoiVWNpT3E0UDdZMTRKOXM4ODIyZzE2eElaMDMxZDJwWDkifQ.XaBfIw.kmuiqqMihHCaTzvGA43Wsfq07-A HTTP 302
  • https://ads.businessclick.com/match/e30.XaBfIw.FML3TOj7MYNjNKBPSswHN6b2OzU
Request Chain 288
  • https://ads.businessclick.com/cookie?s=mobime&f=1 HTTP 302
  • https://beta.pocketads.pl/pAdsTest/partners/?s=1&f=1&p=0&tid=UciOq4P7Y14J9s8822g16xIZ031d2pX9 HTTP 302
  • https://ads.businessclick.com/cookie/4256092800?s=mobime
Request Chain 299
  • https://dot.wp.pl/r2738788/show.gif?srv=tfn_ad&par=action%3Dload%26category%3Dview%26label%3Dhttps%3A//www.thefirstnews.com/article/die-welt-thanks-to-law-and-justice-poles-benefit-from-prosperity-8012%26target%3DNews%20%26%20Politics%26format%3D300x250%26version%3Db%26value%3Dnull HTTP 301
  • https://dot.wp.pl/r1570791203/shown?srv=tfn_ad&par=action%3Dload%26category%3Dview%26label%3Dhttps%3A//www.thefirstnews.com/article/die-welt-thanks-to-law-and-justice-poles-benefit-from-prosperity-8012%26target%3DNews%20%26%20Politics%26format%3D300x250%26version%3Db%26value%3Dnull
Request Chain 305
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
Request Chain 307
  • https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D& HTTP 302
  • https://sync.teads.tv/iframe/redirect?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
Request Chain 310
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 312
  • https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D& HTTP 302
  • https://sync.teads.tv/iframe/redirect?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
Request Chain 328
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync
Request Chain 334
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync
Request Chain 339
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync
Request Chain 343
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync
Request Chain 350
  • https://s.adroll.com/j/exp/5MAOSLY6L5FGXHKIV3HIZM/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 353
  • https://d.adroll.com/pixel/5MAOSLY6L5FGXHKIV3HIZM/3TBQFSFBJBAH5E7TC4CZ5T?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&pv=31112215302.10524&cookie=&adroll_s_ref=&keyw=&arrfrr=http%3A%2F%2Fheman.monster%2F HTTP 302
  • https://s.adroll.com/pixel/5MAOSLY6L5FGXHKIV3HIZM/3TBQFSFBJBAH5E7TC4CZ5T/LFACRSBTBJA77FKTBFCDEL.js
Request Chain 356
  • https://d.adroll.com/cm/aol/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP5b79fc11-ec15-11e9-b254-02fbefe83874
Request Chain 357
  • https://d.adroll.com/cm/index/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&expiration=1602327208
Request Chain 358
  • https://d.adroll.com/cm/n/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&expires=365
Request Chain 359
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&rdrctExp=true
Request Chain 360
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 361
  • https://d.adroll.com/cm/r/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 362
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM HTTP 302
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE
Request Chain 363
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&dongle=c85e
Request Chain 364
  • https://d.adroll.com/cm/b/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE
Request Chain 365
  • https://d.adroll.com/cm/x/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE
Request Chain 366
  • https://d.adroll.com/cm/l/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=41a1347fb460cdc91d2e7ada759aa661
Request Chain 367
  • https://d.adroll.com/cm/o/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=41a1347fb460cdc91d2e7ada759aa661
Request Chain 368
  • https://d.adroll.com/cm/g/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM&google_nid=adroll5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=QaE0f7RgzckdLnradZqmYQ HTTP 302
  • https://d.adroll.com/cm/g/in

366 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heman.monster/ 		146 KB
147 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://heman.monster/
Protocol
HTTP/1.1
Server
194.5.94.117 , Russian Federation, ASN43350 (NFORCE, NL),
Reverse DNS
mail.heman.monster
Software
Apache / PHP/5.3.3
Resource Hash
92a2c59af307ff18fe238afcd7a474bbfc83869a882ba3d6acf93a080a3ec401

Request headers

Host
heman.monster
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 11 Oct 2019 09:52:58 GMT
Server
Apache
X-Powered-By
PHP/5.3.3
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
cv.css
www.livingrichwithcoupons.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/ 		76 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
dbd21434a01bdc63075bfc9259c20b6a06b628267d25ee9683939ed2f088fffd

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1524569
x-powered-by
centminmod
status
200
last-modified
Sun, 28 Jul 2019 18:50:23 GMT
server
cloudflare
etag
W/"5d3dee6f-12ff7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb60cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
cvpro.min.css
www.livingrichwithcoupons.com/wp-content/plugins/pt-content-views-pro/public/assets/css/ 		71 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/pt-content-views-pro/public/assets/css/cvpro.min.css?ver=5.6.0.2
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
3b4dce6c068a00b8298f12d1f4e719f2204778beb1140a078293b413ba7a63a9

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1521405
x-powered-by
centminmod
status
200
last-modified
Sat, 14 Sep 2019 22:20:28 GMT
server
cloudflare
etag
W/"5d7d67ac-11d6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb63cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
bootstrap.min.css
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/css/ 		115 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/css/bootstrap.min.css?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1861533
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-1ca39"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb82cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
bootstrap-select.min.css
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/css/bootstrap-select.min.css?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
e87df7af2736769ae5a182fc99cffd6222c8a12ce2705949410d3f9d6753f75a

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1222130
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-1636"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb77cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
jasny-bootstrap.min.css
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/css/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/css/jasny-bootstrap.min.css?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
3c7f91683fa3c54ba25059f4933d0baa50388be0b40052a2defe9b9f5317c5b4

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
320706
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-36ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb72cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
style.css
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/ 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/style.css?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
fe060df81345c3598fb1067860468455383f759ea6d8747413ee42b8af06885e

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
2536882
x-powered-by
centminmod
status
200
last-modified
Tue, 06 Aug 2019 21:26:26 GMT
server
cloudflare
etag
W/"5d49f082-8a52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb75cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
responsive.css
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/css/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/css/responsive.css?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
fa31eec2e9b84384d3fc2ad5181243a818e301d542f3500ead207d8f600f790e

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1861533
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-4811"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb84cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
slick.css
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/vendor/slick/ 		2 KB
542 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/vendor/slick/slick.css?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
6f173fbde897c4b5e403c91d99bfc6d671efea799450ca3b11c0d1bcce2ddfc1

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1521405
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-6b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb79cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
gallery-shortcode.css
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/Main/assets/css/ 		2 KB
540 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/Main/assets/css/gallery-shortcode.css?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
e14d33ba8d1c8ff9db8eb5ee4375d4fc54a7143b33723f932f9f320daed58790

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1478361
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-9d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb7acb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
jquery.fancybox.css
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/PopupTutorials/assets/js/fancybox/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/PopupTutorials/assets/js/fancybox/jquery.fancybox.css?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
2287227
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-131f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb68cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
tag-labels.css
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/TagLabels/assets/css/ 		4 KB
662 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/TagLabels/assets/css/tag-labels.css?ver=1.6
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
b3de1212acd32858e1f9563fcc95aae2c394bbafeba3f008b9f33ff40f8f8a38

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1524569
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-fe8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb8bcb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
styles.css
www.livingrichwithcoupons.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
699 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 14 Sep 2019 22:20:25 GMT
server
cloudflare
age
4101
x-powered-by
centminmod
etag
W/"5d7d67a9-695"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
52404a2cfb6ccb9c-VIE
expires
Fri, 11 Oct 2019 14:53:20 GMT
jquery-ui-1.9.2.custom.css
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-userfeatures/jquery-ui/css/lrwc-theme-v1/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-userfeatures/jquery-ui/css/lrwc-theme-v1/jquery-ui-1.9.2.custom.css?ver=4.9.11
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
3b7e628797088acbfbd09c7add29853879fe398f581bc7a86e0470afbf274116

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
320706
x-powered-by
centminmod
status
200
last-modified
Fri, 19 Jul 2019 23:53:14 GMT
server
cloudflare
etag
W/"5d3257ea-7e2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb74cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
ads.min.js
ads.adthrive.com/sites/58fa6be2fda2bb5a837bdfd2/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/58fa6be2fda2bb5a837bdfd2/ads.min.js?threshold=47
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.47 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a6dec881d50751f2d09e40136502a6abe953119d8f888e73e340ed6033239fe

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
gzip
last-modified
Thu, 12 Sep 2019 15:31:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
wxxCS8Kblco4M7CDpoQNVLugUlsbyE29
status
200
cache-control
max-age=3600
content-type
application/javascript
x-amz-cf-id
5-9Xxum7LqN0TlZ82PloD-Svr0AWdYaJH12M6kAfTFunr76HP1ZRaQ==
via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
wp-emoji-release.min.js
www.livingrichwithcoupons.com/wp-includes/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.11
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1861533
x-powered-by
centminmod
status
200
last-modified
Fri, 19 Jul 2019 23:48:23 GMT
server
cloudflare
etag
W/"5d3256c7-2efa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d2c12cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
lrwc-userfeatures.css
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-userfeatures/css/ 		3 KB
939 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-userfeatures/css/lrwc-userfeatures.css?ver=4.9.11
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
8a60cbcbcdd7a3230a7a2b6ad96d69b9f9f0afc71e5f0e12376be5288ebeaadf

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1521405
x-powered-by
centminmod
status
200
last-modified
Fri, 19 Jul 2019 23:53:14 GMT
server
cloudflare
etag
W/"5d3257ea-c77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb66cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
lrwc-shopandreport.css
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-userfeatures/css/ 		1 KB
395 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-userfeatures/css/lrwc-shopandreport.css?ver=4.9.11
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
7a6243879fd4b8aabea31d8a49d1b540adcd8c9ae36d5ca1853afc98a336effd

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
853706
x-powered-by
centminmod
status
200
last-modified
Fri, 19 Jul 2019 23:53:14 GMT
server
cloudflare
etag
W/"5d3257ea-42c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb83cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
style-frontend-pro.css
www.livingrichwithcoupons.com/wp-content/plugins/social-pug/assets/css/ 		54 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/social-pug/assets/css/style-frontend-pro.css?ver=2.7.2
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
ca47b7a2aa24685bf578ba5336137dab83036a4d7cfdf6c9fe3cfeba626cc2e8

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
320706
x-powered-by
centminmod
status
200
last-modified
Sat, 14 Sep 2019 22:20:33 GMT
server
cloudflare
etag
W/"5d7d67b1-d7da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb88cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
tastefully-simple.min.css
www.livingrichwithcoupons.com/wp-content/plugins/wp-recipe-maker/templates/recipe/legacy/tastefully-simple/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/wp-recipe-maker/templates/recipe/legacy/tastefully-simple/tastefully-simple.min.css?ver=5.5.3
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
d57198bcebd98a277249e6e9321cd5aa58746ea1f0000449377aad5039a3b8f8

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
224446
x-powered-by
centminmod
status
200
last-modified
Sat, 14 Sep 2019 22:20:46 GMT
server
cloudflare
etag
W/"5d7d67be-27c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb86cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
items-grid.css
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/Main/assets/css/ 		1 KB
493 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/Main/assets/css/items-grid.css?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
8959553ed89b73e4b7b10b4a1ab1b49049b75b1ed98b61c4615a3e739e05a3e4

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1861533
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-4dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb6fcb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
common.css
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/css/common.css?ver=3.5.3
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
fc201d00042cdb49c958f6e076b241204eaf30111ffd01b6a330d494ea6e6600

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1521405
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-3476"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb6acb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
main.css
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/css/main.css?ver=3.5.3
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
26aebfaf6a663229c50be8d93ca36b79a7bd0d15e99115f4ada783ee91859da8

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
682782
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-1ebf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb73cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
main.css
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/views/default/frontend/css/ 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/views/default/frontend/css/main.css?ver=3.5.3
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
0ff4d5777f4885ea2b3969dfe5dd2029f3a6a436c4769cb1861835974b4a52b9

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
224446
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-9d7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb80cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
jquery.js
www.livingrichwithcoupons.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
166237
x-powered-by
centminmod
status
200
last-modified
Thu, 05 Sep 2019 07:08:40 GMT
server
cloudflare
etag
W/"5d70b478-17a6a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0bbfcb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
jquery-migrate.min.js
www.livingrichwithcoupons.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1861533
x-powered-by
centminmod
status
200
last-modified
Fri, 19 Jul 2019 23:48:23 GMT
server
cloudflare
etag
W/"5d3256c7-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0bb7cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
jquery.fancybox.pack.js
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/PopupTutorials/assets/js/fancybox/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/PopupTutorials/assets/js/fancybox/jquery.fancybox.pack.js?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
43263
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-5a5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0ba9cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
popup-tutorials.js
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/PopupTutorials/assets/js/ 		299 B
234 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/PopupTutorials/assets/js/popup-tutorials.js?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
915a7441690d36e41b2c9a1217fd700910961599dfed3d8d6c0895fbd451fb75

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1790137
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-12b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0bb0cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
regional-content.js
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/RegionalContent/assets/js/ 		188 B
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/RegionalContent/assets/js/regional-content.js?ver=1.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
b08fe7505355a43ec5990f3270a46855fc33088257fbb623a33f888a306972b0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1790137
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0bbdcb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
email-subscriptions.js
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/EmailSubscriptions/assets/js/ 		1 KB
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/EmailSubscriptions/assets/js/email-subscriptions.js?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
7ef5f8c42acdc6090f9296721db02d23ca969b022dff3061d857cc4ac9d519f8

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
2536882
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-544"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0badcb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
main.js
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/cdb/ 		1015 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/cdb/main.js?ver=3.5.3
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
2109579a9fe9cd42712882153b1282565407c30771e80882b89ecca1fbc947e6

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1222130
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-3f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0bbacb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
dashboard.js
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/cdb/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/cdb/dashboard.js?ver=3.5.3
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
3211bfa262e89b39e2ea37612d9934a7e57b36c0bf83987316c296fbe9192ae9

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
2287225
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-2130"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0baccb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
jquery-ui-1.9.2.custom.js
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-userfeatures/jquery-ui/js/ 		440 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-userfeatures/jquery-ui/js/jquery-ui-1.9.2.custom.js?ver=4.9.11
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
ef4718e31cf0c8953a9e3c34246c3bb2c9ae9ce33ceb659ffa3bb2d238399a70

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1790136
x-powered-by
centminmod
status
200
last-modified
Fri, 19 Jul 2019 23:53:15 GMT
server
cloudflare
etag
W/"5d3257eb-6de55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0bbecb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
lrwc-userfeatures.js
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-userfeatures/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-userfeatures/js/lrwc-userfeatures.js?ver=4.9.11
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
cd66f006d9bf9f567d2724991f4e02f5597f4d6fad5a752bd138eaf3e5d8f989

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
2287223
x-powered-by
centminmod
status
200
last-modified
Fri, 19 Jul 2019 23:53:14 GMT
server
cloudflare
etag
W/"5d3257ea-ce7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0bb5cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
lrwc-shopandreport.js
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-userfeatures/js/ 		862 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-userfeatures/js/lrwc-shopandreport.js?ver=4.9.11
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
e50771a4bcfe1aaa347d70f10a6a12c88e6be6fde68dcc7988816782762fcfe4

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1524569
x-powered-by
centminmod
status
200
last-modified
Fri, 19 Jul 2019 23:53:14 GMT
server
cloudflare
etag
W/"5d3257ea-35e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0bc3cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
jquery.ui.datepicker.js
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-userfeatures/jquery-ui/development-bundle/ui/ 		75 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-userfeatures/jquery-ui/development-bundle/ui/jquery.ui.datepicker.js?ver=4.9.11
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
13cbfa8375957d42bf3e8aec0d95021b69f4eaee1af8fd5278d505cb335649c3

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1790134
x-powered-by
centminmod
status
200
last-modified
Fri, 19 Jul 2019 23:53:14 GMT
server
cloudflare
etag
W/"5d3257ea-12ddc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0baacb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
front-end-pro.js
www.livingrichwithcoupons.com/wp-content/plugins/social-pug/assets/js/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/social-pug/assets/js/front-end-pro.js?ver=2.7.2
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
995cd37f7b4bbc5a240f8a81b2ed5ecece879580518a2e4105955d4ff19f44b0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1524569
x-powered-by
centminmod
status
200
last-modified
Sat, 14 Sep 2019 22:20:33 GMT
server
cloudflare
etag
W/"5d7d67b1-4e03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0bb9cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
coupons.js
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/cdb/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/cdb/coupons.js?ver=3.5.3
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
4fcc73d6ba6e3607f69257d600438a9caa70b64c608fbc8d903d9958ed5b5b2e

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
status
200
cf-cache-status
MISS
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
x-powered-by
centminmod
etag
W/"5d3f60b6-25ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0bb1cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
popup.js
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/cdb/ 		41 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/cdb/popup.js?ver=3.5.3
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
dfccd59823c28d55d7bff42c2a401b8f86ace283684a7949d90e0672364745be

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
2536882
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-a3de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0bc1cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
frontend.js
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/frontend.js?ver=3.5.3
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
fefffe936cdae6d115237d35676966c9cd7c8db55a8259decb363851c4b69865

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
317430
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-181e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb8ecb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
jquery.cookie.js
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/ 		2 KB
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/jquery.cookie.js?ver=4.9.11
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
9fc1ebdd1d49741a4f0aeb25fafa46d73290cb1381aed455ff8d23b44570acc1

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1790132
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-910"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0bbccb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
json2.js
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/json2.js?ver=4.9.11
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
49341399c4801527cc40f534238ec5bfb28e4f88a219d094f0a9d339107d7f26

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
2514075
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-4474"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0babcb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
jquery.customSelect.min.js
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/ 		2 KB
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/jquery.customSelect.min.js?ver=4.9.11
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
94eb062f034d9c0a3631943344065bc2e07d520367312378b596f2b1f2a65109

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
1524569
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-9ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0baecb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
modal-window.js
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/ 		3 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/modal-window.js?ver=3.5.3
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
2ae0d8cb1da6bba656e0cacc9d88a07d455f62e3c05d2420905a37bce9bb11ee

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
2514075
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-db5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2d0bb3cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
coupons-list.js
www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/cdb/plugins/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/cdb/plugins/coupons-list.js?ver=3.5.3
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
16e8fc2e77511c61940989b1310dcc8bfa07f29dc78dda7cba57b39d66e28ab9

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:20 GMT
content-encoding
br
cf-cache-status
HIT
age
2536882
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-22ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2cfb8dcb9c-VIE
expires
Sun, 10 Nov 2019 10:53:20 GMT
adthrive.min.js
ads.adthrive.com/core/v1/js/ 		216 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=47
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/58fa6be2fda2bb5a837bdfd2/ads.min.js?threshold=47
Protocol
HTTP/1.1
Server
13.225.78.47 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00ff952a3a3d45301c2d38beeb9065509b4b594b6d02ee57a7cb3b0abcdf1f29

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 10 Oct 2019 20:16:30 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 07 Oct 2019 21:21:03 GMT
Server
AmazonS3
Age
858
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
x-amz-version-id
83ltUdRKQpR9sK4_Qsv6T66f8V_SYzZ3
Via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C2
Content-Type
application/javascript
X-Amz-Cf-Id
sFjDGbDyRtErLh2dyrq2If7eWC-TfHA869AXNYYC3FPd3k0vQdm_Mg==
cmp.bundle.js
ads.adthrive.com/gdpr/cmp/ 		138 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/gdpr/cmp/cmp.bundle.js
Requested by
Host: ads.adthrive.com
URL: http://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=47
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.47 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb6f68118b51eb89379519cbbc3526e741af47d7cec5b33622fb77c9be246494

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
zjxD5hL7oUyyObH35q3OtNc0wGywJi6A
content-encoding
gzip
last-modified
Thu, 03 Oct 2019 16:40:44 GMT
server
AmazonS3
age
412
date
Fri, 11 Oct 2019 10:46:29 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
_272coXF3GghBeKBCDTRNnomMpcY3HrXWPu2vu3T5ofeFD5SAPfYJw==
via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.adthrive.com
URL: http://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
186edb52569a032f506d4e99aa2f325a0327a247d9bb7a79c3fc3ca8b61b1a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"304 / 538 of 1000 / last-modified: 1570730339"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14544
x-xss-protection
0
expires
Fri, 11 Oct 2019 10:53:21 GMT
prebid.min.js
ads.adthrive.com/core/gdpr/vendor/prebid/ 		304 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Requested by
Host: ads.adthrive.com
URL: http://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=47
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.47 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a849dac33da858570a9911d5ed8b8c40e8646a14fbff50ac9aaee9048beb9453

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
eMQMabyfnLky4f8BKXnGYSQZyH4r.Mxg
content-encoding
gzip
last-modified
Mon, 07 Oct 2019 21:21:02 GMT
server
AmazonS3
age
2214
date
Fri, 11 Oct 2019 10:16:28 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
e96E3lS6Oyl0stngsyyEbDFGO8gAgzQO8VqlkJudV5suIdAGS-GJJg==
via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
vendorlist.json
ads.adthrive.com/gdpr/ 		85 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/gdpr/vendorlist.json
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/gdpr/cmp/cmp.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.47 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbcadc50fa4ac76ebceea52b5afee2223a3cbd73c25cdd581492074df794dfc3

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
gzip
last-modified
Mon, 19 Aug 2019 20:15:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
status
200
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
x-amz-version-id
03uRNcexOFtsnYFqvyXNcxooi7Vs.uf0
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Miss from cloudfront
content-type
application/json
x-amz-cf-id
1kVdo56pFsVdmuFn1y-AVXziZZ9e5ey4STHtLihwkwqf9OSjEmHdCw==
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
integrator.js
adservice.google.de/adsid/ 		109 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=heman.monster
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=heman.monster
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019100701.js
securepubads.g.doubleclick.net/gpt/ 		158 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
08f654ecc2de344db8e57cffbbc5580c1879b30637dc5162c1ca307ad19df550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Oct 2019 13:07:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
59106
x-xss-protection
0
expires
Fri, 11 Oct 2019 10:53:21 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.74 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-74.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 12 Jul 2019 20:30:22 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Sat, 16 Mar 2019 16:01:33 GMT
Server
AmazonS3
Age
7827780
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
Pex1Sr3ZDM_zYueQyFa8c0BR0S_PXbq_KdStYzLPwQ42s3fss-PobQ==
logo.png
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/images/logo.png
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
1ee1be13d34339e64187a0813f209adf5acb862ac8048da3a1b10281a3f0d1fd

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
HIT
age
1105670
x-powered-by
centminmod
status
200
content-disposition
inline; filename="logo.webp"
content-length
6096
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
"5d3f60b6-2d62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 10 Nov 2019 10:53:21 GMT
cache-control
public, max-age=2592000
cf-polished
origFmt=png, origSize=11618
accept-ranges
bytes
cf-ray
52404a2fab1bcb9c-VIE
cf-bgj
imgq:85
floating-header-logo.png
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/images/floating-header-logo.png
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
6cb4ac8a7da47327a0b464590dabbfb9caef6933c9e15062dcdaa0a45519bbcc

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
HIT
age
16551
x-powered-by
centminmod
status
200
content-disposition
inline; filename="floating-header-logo.webp"
content-length
1618
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
"5d3f60b6-d76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 10 Nov 2019 10:53:21 GMT
cache-control
public, max-age=2592000
cf-polished
origFmt=png, origSize=3446
accept-ranges
bytes
cf-ray
52404a2fab1ecb9c-VIE
cf-bgj
imgq:85
api.js
www.google.com/recaptcha/ 		729 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
ac2feca4963ef256b5de3dc7f92cd215fe0c5aeb9b77c9326470fdbb52b66579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
465
x-xss-protection
1; mode=block
expires
Fri, 11 Oct 2019 10:53:21 GMT
giantmartin-coupon-match-ups-260x130.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2017/04/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2017/04/giantmartin-coupon-match-ups-260x130.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
ea2a69582dba7d4e80c2388eb068093a9b517b7aab3c281639333e65695c3d88

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
11068
last-modified
Fri, 19 Jul 2019 23:51:04 GMT
server
cloudflare
etag
"5d325768-2b3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb67cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
giant-coupon-match-ups-260x130.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2017/04/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2017/04/giant-coupon-match-ups-260x130.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
2385ccbfcff201384dd405fed6dfc8cf57dcb3bcf4d4038de40e35ecdbbd1622

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
9755
last-modified
Fri, 19 Jul 2019 23:51:04 GMT
server
cloudflare
etag
"5d325768-261b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb69cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
stop-shop-coupon-match-ups-260x130.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2017/04/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2017/04/stop-shop-coupon-match-ups-260x130.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
c04b42bbda9e38e518b4fdd45e2ebb94f9fcf7c8211223c45acd105f0d1b753b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
11014
last-modified
Fri, 19 Jul 2019 23:51:05 GMT
server
cloudflare
etag
"5d325769-2b06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb6bcb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
dg-260x127.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2017/04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2017/04/dg-260x127.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
988eefdb48a44600d064051069f94e470460bce2d0e46be8b3b294bd77ca02cc

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
12463
last-modified
Fri, 19 Jul 2019 23:51:04 GMT
server
cloudflare
etag
"5d325768-30af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb6ccb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
rite-aid-deals--260x136.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2017/04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2017/04/rite-aid-deals--260x136.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
f741a670221f7d93b17f9c344a0e36537ff670c414bec159086e8f566c6997bd

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
12315
last-modified
Fri, 19 Jul 2019 23:51:04 GMT
server
cloudflare
etag
"5d325768-301b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb6ecb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
acme-coupon-match-ups-260x130.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2017/04/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2017/04/acme-coupon-match-ups-260x130.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
99a95f298b353680d9a67619d07e05bbdb8d67e52e3bf4539821fbe427a75efe

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
11225
last-modified
Fri, 19 Jul 2019 23:51:03 GMT
server
cloudflare
etag
"5d325767-2bd9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb6fcb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
11-3-260x160.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2019/10/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2019/10/11-3-260x160.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
0373ad20708ca9272cf5e53a08cb1a2b0a0d4ae9dafa621f11b7fb31ab221e21

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
12174
last-modified
Thu, 10 Oct 2019 12:29:43 GMT
server
cloudflare
etag
"5d9f2437-2f8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb70cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
eucerin1-260x160.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2019/09/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2019/09/eucerin1-260x160.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
053a50739b5df48ab1c1a1837f157185e89eabd38f42271088252057292281d3

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
15848
last-modified
Tue, 01 Oct 2019 11:25:22 GMT
server
cloudflare
etag
"5d9337a2-3de8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb71cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
coupons-ending-260x130.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2017/04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2017/04/coupons-ending-260x130.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
de4a51dbf7559be2bcbc6138bad7659dfd3cd09c3baa0d8c8354d70a5f0fd9c7

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
11837
last-modified
Fri, 19 Jul 2019 23:51:04 GMT
server
cloudflare
etag
"5d325768-2e3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb72cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
delizza-260x150.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2018/06/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2018/06/delizza-260x150.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
f5c770cefd3e597957ab698d1318fa8d96412fdc8570980ba57351cd0b427408

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
13038
last-modified
Fri, 19 Jul 2019 23:50:34 GMT
server
cloudflare
etag
"5d32574a-32ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb7fcb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
This-weeks-Dollar-Tree-Deals-260x130.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2017/04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2017/04/This-weeks-Dollar-Tree-Deals-260x130.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
7d4d6a10f83c87c7c9dd056786d1e84ca1d73133684adea7291ce1e9ca2fe43b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
12092
last-modified
Fri, 19 Jul 2019 23:51:03 GMT
server
cloudflare
etag
"5d325767-2f3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb81cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
walgreens-top-deals-FB-2-260x130.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2017/04/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2017/04/walgreens-top-deals-FB-2-260x130.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
f580468cb36a20898996416bd21674c7f0a2d3da8cdf027fce4c68d790a998bc

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
13006
last-modified
Fri, 19 Jul 2019 23:51:05 GMT
server
cloudflare
etag
"5d325769-32ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb83cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
barilla-260x154.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2018/03/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2018/03/barilla-260x154.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
3c6b87bd79f2a4ae06f04395ee1695fe76d8d8d30d61dd01480f3d06f1db51da

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
13930
last-modified
Fri, 19 Jul 2019 23:50:41 GMT
server
cloudflare
etag
"5d325751-366a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb84cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
target-7-260x130.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2017/04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2017/04/target-7-260x130.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
f4e2181331f2b99c560c5c453f3c8cabd47889db51cf1a5f421838f650df6658

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
11906
last-modified
Fri, 19 Jul 2019 23:51:05 GMT
server
cloudflare
etag
"5d325769-2e82"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb85cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
IMG_9717-260x160.jpg
www.livingrichwithcoupons.com/wp-content/uploads/2019/05/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2019/05/IMG_9717-260x160.jpg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
3213c4649401f5b7d9563aa47a2ba3eda0ca9aa6965d5a1f64dfa0ffac87e3eb

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
MISS
x-powered-by
centminmod
status
200
content-length
14007
last-modified
Fri, 19 Jul 2019 23:49:39 GMT
server
cloudflare
etag
"5d325713-36b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb86cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
SideBarLinks_03.png
www.livingrichwithcoupons.com/wp-content/uploads/2015/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2015/08/SideBarLinks_03.png
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
f2333d4e3ac730ff3547cc15aa86b6d764e4b7a1e8f80786aab40222efaa5d3f

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
HIT
age
323535
x-powered-by
centminmod
status
200
content-disposition
inline; filename="SideBarLinks_03.webp"
content-length
2672
last-modified
Fri, 19 Jul 2019 23:52:35 GMT
server
cloudflare
etag
"5d3257c3-c50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 10 Nov 2019 10:53:21 GMT
cache-control
public, max-age=2592000
cf-polished
origFmt=png, origSize=3152
accept-ranges
bytes
cf-ray
52404a2fbb87cb9c-VIE
cf-bgj
imgq:85
SideBarLinks_01.png
www.livingrichwithcoupons.com/wp-content/uploads/2015/08/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/uploads/2015/08/SideBarLinks_01.png
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
7f0657baf493587ee21bf3e0cd64dc3b2ff0d6254f789c5d281f0c157e739ca1

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
HIT
age
2335720
x-powered-by
centminmod
status
200
content-length
2164
last-modified
Fri, 19 Jul 2019 23:52:35 GMT
server
cloudflare
etag
"5d3257c3-874"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a2fbb89cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
jquery.cookie.js
www.livingrichwithcoupons.com/wp-content/plugins/what-would-seth-godin-do/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/what-would-seth-godin-do/jquery.cookie.js
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
bb44c4cb430b9c92806843d8c70840217565fc3d6f74a47e4c0486f368b4ad25

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
1535921
x-powered-by
centminmod
status
200
last-modified
Fri, 19 Jul 2019 23:53:13 GMT
server
cloudflare
etag
W/"5d3257e9-e81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab41cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
recent-comments.css
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/DisqusTools/assets/css/ 		2 KB
582 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/DisqusTools/assets/css/recent-comments.css?ver=4.9.11
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
bdeda55981a57b53a56ddcc6cef9358e46d82a88f42ff41bc8191b52771d81ef

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
1524569
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-6e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab46cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
salvattore.min.js
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/js/salvattore.min.js?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
e516bcf51aa9623e140f0dc321b4e58d619ff5eea946ad832c1f1f213929b792

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
1790132
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-1d45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab48cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
frontend.js
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/js/frontend.js?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
759c844de76b39422ccd0e3e848bf8cd6bb97398affea1aa236c6976b4081a24

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
2287221
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-1556"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab4acb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
bootstrap-select.js
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/js/ 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/js/bootstrap-select.js?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
01edfe80606752be1ef61d10183f62d549a0b469fcc9c26e2f778e99863a3486

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
2514076
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-aad4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab4bcb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
bootstrap.min.js
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/js/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/js/bootstrap.min.js?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
2514076
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-8c6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab4ecb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
bootstrap-checkbox.js
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/js/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/js/bootstrap-checkbox.js?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
b64d48b9209baf680024d2beab2d500039e613ede85c09bb5b8b40bf1ab222b6

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
1524569
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-27ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab4fcb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
slick.min.js
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/vendor/slick/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/vendor/slick/slick.min.js?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
22529609ad54b33ee1695008d3daa6e35f133849c49ee00d7e9bc02eb0dd9a56

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
2287221
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-9040"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab52cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
icheck.min.js
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/vendor/icheck/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/vendor/icheck/icheck.min.js?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
2d7a3c723919afb5e2eab003f470cf164362598bec3bd86d56a0c9bb708b24c3

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
1790132
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-2326"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab53cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
gallery-shortcode.js
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/Main/assets/js/ 		78 B
142 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/Main/assets/js/gallery-shortcode.js?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
716083d9db8f6da95cbb733abfd22189b1e33d5baa3626801ff5e1889666750c

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
1524569
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab55cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
favorites.js
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/Api/assets/js/ 		770 B
395 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/Api/assets/js/favorites.js?ver=2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
b95d3646b2666e06064e5157e9087410eec1336de1668c87ee2d1de0e301b5c7

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
1524569
x-powered-by
centminmod
status
200
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
W/"5d3f60b6-302"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab57cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
scripts.js
www.livingrichwithcoupons.com/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 14 Sep 2019 22:20:25 GMT
server
cloudflare
age
4100
x-powered-by
centminmod
etag
W/"5d7d67a9-3868"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=14400
cf-ray
52404a2fab58cb9c-VIE
expires
Fri, 11 Oct 2019 14:53:21 GMT
cv.js
www.livingrichwithcoupons.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.2.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
cf9b3937b122b2c960947ecd3ba443b93116241f9d703f6ada39a3bccdf59d99

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
853697
x-powered-by
centminmod
status
200
last-modified
Sun, 28 Jul 2019 18:50:23 GMT
server
cloudflare
etag
W/"5d3dee6f-5a72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab59cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
cvpro.min.js
www.livingrichwithcoupons.com/wp-content/plugins/pt-content-views-pro/public/assets/js/ 		156 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js?ver=5.6.0.2
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
9d480c9c3ac2d51566647fe6d10862fec574e10c95c9716a054640b6e62074c8

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
1524569
x-powered-by
centminmod
status
200
last-modified
Sat, 14 Sep 2019 22:20:28 GMT
server
cloudflare
etag
W/"5d7d67ac-27022"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab5acb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
comment_count.js
www.livingrichwithcoupons.com/wp-content/plugins/disqus-comment-system/public/js/ 		889 B
460 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
1524568
x-powered-by
centminmod
status
200
last-modified
Sun, 28 Jul 2019 18:51:10 GMT
server
cloudflare
etag
W/"5d3dee9e-379"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab5ccb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
post-widget.js
i.po.st/static/v3/ 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.po.st/static/v3/post-widget.js?ver=1.0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.175 Los Angeles, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40B3) /
Resource Hash
7aea9b507cc9d6ce2a4c55ab494df59d7d3cf41987d0031dde0bf1eeb8f97cff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2019 23:58:13 GMT
server
ECS (fcn/40B3)
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
38961
expires
Fri, 5 Jul 2019 04:18:46 GMT
core.min.js
www.livingrichwithcoupons.com/wp-includes/js/jquery/ui/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
1524568
x-powered-by
centminmod
status
200
last-modified
Fri, 19 Jul 2019 23:48:23 GMT
server
cloudflare
etag
W/"5d3256c7-fa0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab5dcb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
datepicker.min.js
www.livingrichwithcoupons.com/wp-includes/js/jquery/ui/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
fe5d09013cdf89dd17c511c908bee2628e4c0f9b4550f802fdb1fd5086999c8d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
1790132
x-powered-by
centminmod
status
200
last-modified
Fri, 19 Jul 2019 23:48:23 GMT
server
cloudflare
etag
W/"5d3256c7-8e9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fab5ecb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
new-tab.min.js
www.livingrichwithcoupons.com/wp-content/plugins/page-links-to/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-content/plugins/page-links-to/js/new-tab.min.js?ver=3.1.2
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
582278063c6f97f70b739bc1530060e16e176bb7b792ec5bd542d2083ed6b21c

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
2536882
x-powered-by
centminmod
status
200
last-modified
Sun, 28 Jul 2019 18:51:17 GMT
server
cloudflare
etag
W/"5d3deea5-f3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fbb64cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
wp-embed.min.js
www.livingrichwithcoupons.com/wp-includes/js/ 		1 KB
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.livingrichwithcoupons.com/wp-includes/js/wp-embed.min.js?ver=4.9.11
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
cf-cache-status
HIT
age
1790132
x-powered-by
centminmod
status
200
last-modified
Fri, 19 Jul 2019 23:48:23 GMT
server
cloudflare
etag
W/"5d3256c7-57b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
52404a2fbb66cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2596
date
Fri, 11 Oct 2019 10:10:05 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 11 Oct 2019 12:10:05 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f39e06c612ea39f12df39da5ffe79a7437c38ea97aa8cf37ccbee5198eaede3d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
22375
x-xss-protection
0
pragma
public
x-fb-debug
reh91L6rG3uosXMnNsPtPj/hXOPX99ow5vjiL1ioZ0e4F8sn/dP1YLoLeZkKtUIqnTQciPxb+3wa97CvC6g2Rg==
x-fb-trip-id
1554255614
x-frame-options
DENY
date
Fri, 11 Oct 2019 10:53:21 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0e7f3376ee7edfd88ccb0dfa571f919bfbdfc1690960923a6343ba7b1bfa7ea8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
DP4ifo2FHSfTyFj2HzgRvQ==
status
200
content-length
1782
etag
"b2efb1afcf1816181e70f5d67aa479c2"
x-fb-debug
DHqD5t+49bPDE6+YmFukXC7aN7wdoz1YQdHvRuAxwHARcTknRIspYGgnNwX1rIOESnO1ireljZE0A3X672oY3g==
x-fb-trip-id
1554255614
x-fb-content-md5
fd4861eb2b808995efb499ad9dd5721b
x-frame-options
DENY
date
Fri, 11 Oct 2019 10:53:21 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 11 Oct 2019 11:01:36 GMT
791ed6493171026ad782e6e1d88ed300.js
cdn.pushcrew.com/js/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushcrew.com/js/791ed6493171026ad782e6e1d88ed300.js
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3677 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
43f129322e3022a554ee9712b78af6080a3b04da6470daf1ce4e639cf6d8c8f3

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 16 Sep 2019 12:33:20 GMT
server
cloudflare
etag
W/"5d7f8110-40e49"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=43200
cf-ray
52404a2fab42cb9c-VIE
expires
Fri, 11 Oct 2019 22:53:21 GMT
sdk.js
connect.facebook.net/en_US/ 		194 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=b3c459c74b96c50fa3527856d9f69c86&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
09dc69867700c2c8fa3a65b7e092309eb4c79b4da93d53c820b18bed1a197c94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
Origin
http://heman.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
SqyRTTzqJkQ6jYBEzPQ1Xw==
status
200
content-length
59081
etag
"acf5a3630a7779152605e2d800515b26"
x-fb-debug
4kyPapoGiw2/R2sILBjjOQMiEZACvpuZoxr15QYFqtgjUF1HXPLlCeJi8QDyRMBPaDLu1x149YMQH5WYTHBHow==
x-fb-trip-id
1554255614
x-fb-content-md5
b9af894ee80b48afd4f1496f4afea23a
x-frame-options
DENY
date
Fri, 11 Oct 2019 10:53:21 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Sat, 10 Oct 2020 09:32:39 GMT
763278473730718
connect.facebook.net/signals/config/ 		280 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/763278473730718?v=2.9.5&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
19736cb9f99dbec1539e167687adaccda378240be8c14dde7aea0a426a4d07e0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-trip-id
1554255614
pragma
public
x-fb-debug
jjBJaDvhlWuqfxb9ZxWRKu1XO00jA1DhosLmRB/bLP/UvODos6IjldUbHBGP9dgGc/OXOi/dyEZbExDwckV/gA==
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
DENY
date
Fri, 11 Oct 2019 10:53:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 1531 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b3c459c74b96c50fa3527856d9f69c86&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 10 Oct 2020 00:00:07 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
z2vri4KVFrnG7VceYjNM3LxZlIg8yA03oaXqdfHIJPW8AToX/Rkst2yWlR+Yeo7kP+jhxae9l/XYOoDD8NKx3g==
content-length
11767
x-fb-trip-id
1554255614
date
Fri, 11 Oct 2019 10:53:21 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Printable%20Coupons%20-%20Grocery%20Coupons%20-%20Coupon%20Website%20-%20CouponsLiving%20Rich%20With%20Coupons%C2%AE&time=1570791201290&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fheman.monster%2F&random_number=1762222031&sess_cookie=8d3f896e16dba7399ef9f5572a5&sess_cookie_flag=1&user_cookie=8d3f896e16dba7399ef9f5572a5&user_cookie_flag=1&dynamic=false&domain=livingrichwithcoupons.com&account=rYbse1aMYw00Ex&jsv=20130128&user_lang=en-US
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-112.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 10 Oct 2019 11:07:05 GMT
Via
1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
138185
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA2-C2
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
czJNmy05JkAVgMSVOYchQg8RG8_Bf8V15NG_oYOKJSq3ENzw1QT63g==
test.png
a25666e982826db5b043e18a888741f57.profile.iad89-c2.cloudfront.net/
Redirect Chain
  • https://cloudfront-labs.amazonaws.com/x.png
  • https://a25666e982826db5b043e18a888741f57.profile.iad89-c2.cloudfront.net/test.png
58 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a25666e982826db5b043e18a888741f57.profile.iad89-c2.cloudfront.net/test.png
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.84.185.71 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-84-185-71.iad89.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 11 Oct 2019 10:53:21 GMT
Via
1.1 9acd372742573b89975d7dceea2dc950.cloudfront.net (CloudFront)
Server
CloudFront
X-Cache
RoutingProfileExp from cloudfront
Content-Type
text/plain
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
58
X-Amz-Cf-Id
DbweeXrJWaUwl-JZVONGPQkc9pl2sGGlHL4Zlh7Oqh022PI486prGw==
Expires
Fri, 11 Oct 2019 10:53:21 GMT

Redirect headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Oct 2019 10:53:20 GMT
Server
Server
Content-Length
0
Location
https://a25666e982826db5b043e18a888741f57.profile.iad89-c2.cloudfront.net/test.png
wrapper-before.png
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/images/ 		166 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/images/wrapper-before.png
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
9fc628ea2de051392f6f0e6cb4791a3921dce4dcc7ed0d0c7bde4bbd6174aa39

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/style.css?ver=2.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
HIT
age
16551
x-powered-by
centminmod
status
200
content-disposition
inline; filename="wrapper-before.webp"
content-length
166
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
"5d3f60b6-47f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 10 Nov 2019 10:53:21 GMT
cache-control
public, max-age=2592000
cf-polished
origFmt=png, origSize=1151
accept-ranges
bytes
cf-ray
52404a302cfbcb9c-VIE
cf-bgj
imgq:85
main-sprite.png
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/images/mobile/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/images/mobile/main-sprite.png
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
15dd49ca9781c5ea3f41fb8f720b888b43b790c7f90e3ec26a297d5662789864

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/style.css?ver=2.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
HIT
age
310188
x-powered-by
centminmod
status
200
content-disposition
inline; filename="main-sprite.webp"
content-length
27632
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
"5d3f60b6-dc1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 10 Nov 2019 10:53:21 GMT
cache-control
public, max-age=2592000
cf-polished
origFmt=png, origSize=56348
accept-ranges
bytes
cf-ray
52404a302cfdcb9c-VIE
cf-bgj
imgq:85
main-sprite.png
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/images/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/images/main-sprite.png
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
434f70ea916709d4aa90578bb7cb9a30d4f22c5df53d4714b7104d259760116d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/style.css?ver=2.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
HIT
age
179612
x-powered-by
centminmod
status
200
content-length
82915
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
"5d3f60b6-143e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a302d06cb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
4vqKRIwnQQGUQQh-PnvdMA.woff2
fonts.gstatic.com/s/lora/v9/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v9/4vqKRIwnQQGUQQh-PnvdMA.woff2
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a46e820d2220cc8294b904183ac41dacc46c53a4113586b6d7938fd5d43757c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/style.css?ver=2.0
Origin
http://heman.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 17:46:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Oct 2014 20:37:14 GMT
server
sffe
age
234433
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
47984
x-xss-protection
0
expires
Wed, 07 Oct 2020 17:46:08 GMT
xgzbb53t8j-Mo-vYa23n5ugdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/josefinsans/v9/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/josefinsans/v9/xgzbb53t8j-Mo-vYa23n5ugdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f29801f4781f3c9f988125bc457f2d398ca7baa614c1ae1d93df6380a6b38405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/style.css?ver=2.0
Origin
http://heman.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 15:11:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Oct 2014 20:37:15 GMT
server
sffe
age
3958883
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
22828
x-xss-protection
0
expires
Tue, 25 Aug 2020 15:11:58 GMT
WFDkXpubrEwopJnSlHV6CPk_vArhqVIZ0nv9q090hN8.woff2
fonts.gstatic.com/s/sacramento/v4/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sacramento/v4/WFDkXpubrEwopJnSlHV6CPk_vArhqVIZ0nv9q090hN8.woff2
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0798f078b3b1f3586b9292852836e0debb7752c9ed21351b9a163076b44156dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/style.css?ver=2.0
Origin
http://heman.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 18:10:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Aug 2014 23:54:51 GMT
server
sffe
age
232954
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24088
x-xss-protection
0
expires
Wed, 07 Oct 2020 18:10:47 GMT
rxxXUYj4oZ6Q5oDJFtEd6vk_vArhqVIZ0nv9q090hN8.woff2
fonts.gstatic.com/s/fjallaone/v4/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fjallaone/v4/rxxXUYj4oZ6Q5oDJFtEd6vk_vArhqVIZ0nv9q090hN8.woff2
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d93b3e0523a3044e8a26474cdce53e2de4a4c8ba1e72e090305037c37040e94f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/style.css?ver=2.0
Origin
http://heman.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 07:31:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Aug 2014 18:23:59 GMT
server
sffe
age
12094
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16356
x-xss-protection
0
expires
Sat, 10 Oct 2020 07:31:47 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/ 		253 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6f33adecfa8dacb04b161289c89b2930d80324d5d0baa1c0da86ed08b9c1ebda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 09:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Oct 2019 21:23:03 GMT
server
sffe
age
176394
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
92207
x-xss-protection
0
expires
Thu, 08 Oct 2020 09:53:27 GMT
pagination-bg.png
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/images/ 		104 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/images/pagination-bg.png
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
419507ed6fab38d09381c5d837bf46af4ec060edef8385695db33402ce4499b6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/style.css?ver=2.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
HIT
age
644576
x-powered-by
centminmod
status
200
content-disposition
inline; filename="pagination-bg.webp"
content-length
104
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
"5d3f60b6-3f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 10 Nov 2019 10:53:21 GMT
cache-control
public, max-age=2592000
cf-polished
origFmt=png, origSize=1014
accept-ranges
bytes
cf-ray
52404a308e42cb9c-VIE
cf-bgj
imgq:85
footer-bg.png
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/images/footer-bg.png
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
8df15e729995f28af56812c6797376e30514d55c208813c59f6ba568fe4dbee9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/style.css?ver=2.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
HIT
age
2335720
x-powered-by
centminmod
status
200
content-length
1058
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
"5d3f60b6-422"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
52404a308e4bcb9c-VIE
expires
Sun, 10 Nov 2019 10:53:21 GMT
/
www.facebook.com/tr/ 		44 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=763278473730718&ev=PageView&dl=http%3A%2F%2Fheman.monster%2F&rl=&if=false&ts=1570791201459&sw=1600&sh=1200&v=2.9.5&r=stable&ec=0&o=30&fbp=fb.1.1570791201458.1448124727&it=1570791201245&coo=false&exp=w0&rqm=GET
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 11 Oct 2019 10:53:21 GMT
recent-comments-bg.png
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/DisqusTools/assets/images/ 		168 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/DisqusTools/assets/images/recent-comments-bg.png
Requested by
Host: www.livingrichwithcoupons.com
URL: https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/js/salvattore.min.js?ver=2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
c95930c32dad9532648824e1ea5921315ad7be2756329ab48932745d65829cc9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/DisqusTools/assets/css/recent-comments.css?ver=4.9.11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
HIT
age
1105662
x-powered-by
centminmod
status
200
content-disposition
inline; filename="recent-comments-bg.webp"
content-length
168
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
"5d3f60b6-471"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 10 Nov 2019 10:53:21 GMT
cache-control
public, max-age=2592000
cf-polished
origFmt=png, origSize=1137
accept-ranges
bytes
cf-ray
52404a314839cb9c-VIE
cf-bgj
imgq:85
recent-comments-bubbles.png
www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/DisqusTools/assets/images/ 		1000 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/DisqusTools/assets/images/recent-comments-bubbles.png
Requested by
Host: www.livingrichwithcoupons.com
URL: https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/assets/js/salvattore.min.js?ver=2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8d2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
0efe616f3fccafb971429e53e2ca734d0d4e8b4079fc06d7057c8491820afcad

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.livingrichwithcoupons.com/wp-content/themes/lrwc2015/framework/modules/DisqusTools/assets/css/recent-comments.css?ver=4.9.11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
HIT
age
737158
x-powered-by
centminmod
status
200
content-disposition
inline; filename="recent-comments-bubbles.webp"
content-length
1000
last-modified
Mon, 29 Jul 2019 21:10:14 GMT
server
cloudflare
etag
"5d3f60b6-a1d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 10 Nov 2019 10:53:21 GMT
cache-control
public, max-age=2592000
cf-polished
origFmt=png, origSize=2589
accept-ranges
bytes
cf-ray
52404a31483acb9c-VIE
cf-bgj
imgq:85
count.js
livingrichwithcoupons.disqus.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livingrichwithcoupons.disqus.com/count.js
Requested by
Host: www.livingrichwithcoupons.com
URL: https://www.livingrichwithcoupons.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 11 Oct 2019 10:53:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
238693
P3P
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 01 Oct 2019 21:53:32 GMT
Server
nginx
ETag
"5d93cadc-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
/
heman.monster/ 		0
0
event
logger.adthrive.com/ 		19 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/event?siteId=58fa6be2fda2bb5a837bdfd2&siteName=Living%20Rich%20With%20Coupons&bucket=gdpr&branch=gdpr%2369a1e3c&threshold=47&message=AdThrive%3A%3Ainit%20started&body=%5B%5D
Requested by
Host: ads.adthrive.com
URL: http://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=47
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.51 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e063443c9fc17b47a6c56347534058fd75e60bf5b6ff58cbfdc72472ecd93ab

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
status
200
content-length
19
last-modified
Tue, 28 Feb 2017 17:20:56 GMT
server
AmazonS3
etag
"30bfc97c194c30846355ddd7f4e77a41"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
epgi_5Exr2naR0dzmXVUVtLprJKBhQheOoCy7jo5LgGY_xEbHqkOPg==
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js?cs_ucfr=0
Requested by
Host: ads.adthrive.com
URL: http://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=47
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.115.95 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-43-115-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
902
Expires
Sat, 12 Oct 2019 10:53:21 GMT
wrap.js
clarium.global.ssl.fastly.net/gpt/a/ 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Requested by
Host: ads.adthrive.com
URL: http://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=47
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
f279f81ae0e7a8a707abc9bac4df8b11cd100c7611e4c5822b27a73d56260a96

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Age
1045
X-Cache
HIT
Connection
keep-alive
Content-Length
21830
X-Served-By
cache-fra19145-FRA
Last-Modified
Wed, 09 Oct 2019 17:54:53 GMT
Server
nginx
X-Timer
S1570791202.620843,VS0,VE0
ETag
"5d9e1eed-fba9"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
453
ads.min.css
ads.adthrive.com/sites/58fa6be2fda2bb5a837bdfd2/ 		524 B
908 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/58fa6be2fda2bb5a837bdfd2/ads.min.css
Requested by
Host: ads.adthrive.com
URL: http://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=47
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.47 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b46a3efd2e49807ceefabc2365d1923f9a52e49d346ff37780f4fc3577e9fcb2

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 03:41:54 GMT
via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
last-modified
Thu, 12 Sep 2019 15:31:24 GMT
server
AmazonS3
age
2189
etag
"2fcda6360cc0ffdb97017208551f5ac2"
x-cache
Hit from cloudfront
x-amz-version-id
eGks3ZTjgxKFBBHZw9x20sHZcW6a7wE1
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
text/css
content-length
524
x-amz-cf-id
zRvofuRuxEyVLx5Fp30aCiafN_bpIInyudcOG6VCVUZEEz-xCKoS8g==
cookie_sync
prebid.adnxs.com/pbs/v1/ 		42 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.184 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.13.10 /
Resource Hash
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
Server
nginx/1.13.10
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
42
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		126 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.184 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.13.10 /
Resource Hash
7f1e84cbd9ebd48867830fb1153302bef634528d7fe061ea3aaeef44f0a5fca4

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
Server
nginx/1.13.10
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
126
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
256fcf960dc092df85a2e91b16a08e5a826a62baea2791b6774a7edcd49258b8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.19:80
AN-X-Request-Uuid
f035b6f3-cc4f-4e9d-a0ce-fc5cb01b088f
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
http://heman.monster
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
52404a331a4abf0a-FRA
access-control-allow-headers
origin, content-type
cygnus
as.casalemedia.com/ 		24 B
901 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.casalemedia.com/cygnus?s=185761&v=7.2&r=%7B%22id%22%3A%22925acaddad1a65%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221023165adcbd89e%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185761%22%2C%22sid%22%3A%223_1%22%7D%7D%2C%7B%22id%22%3A%22111679fc218610e%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185761%22%2C%22sid%22%3A%223_2%22%7D%7D%2C%7B%22id%22%3A%22127d5cdc9066c1b%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185761%22%2C%22sid%22%3A%223_4%22%7D%7D%2C%7B%22id%22%3A%2213ed36a90c27786%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185761%22%2C%22sid%22%3A%223_5%22%7D%7D%2C%7B%22id%22%3A%2214fc79d0d827da9%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185761%22%2C%22sid%22%3A%223_6%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fheman.monster%2F%3F%23PD%3Adesktop%23Topic%3APersonal%20Finance%23Topic%3ASB%23Topic%3Aholmm1%23Topic%3Aholbk1%23Topic%3AVDAY%23MCMP%3A%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.104 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-104.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
79a1ff3db87facf2bfbbabb9e1f6078a4fc74e0765aeb409282bf6b31565c28b

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
44
Expires
Fri, 11 Oct 2019 10:53:21 GMT
cdb
bidder.criteo.com/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.32.0&cb=62776061777
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:21 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://heman.monster
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
http://heman.monster
bid
ap.lijit.com/rtb/ 		24 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.32.0
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
7d0cc09dd8efba5a5ba60d04fae178e09d4ea23778d475212719f3cc5fd14bda

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://heman.monster
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
bid-request
a.teads.tv/hb/ 		16 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://heman.monster
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 11 Oct 2019 10:53:21 GMT
trinity.json
apex.go.sonobi.com/ 		150 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2226df1eeb07b0d04%22%3A%225ff6fad3a94f2bce2881%7C728x90%2C300x250%2C320x50%2C336x280%2C300x50%2C320x100%2C468x60%2C250x250%2C120x240%2C1x1%2C300x300%2C552x334%2C728x250%22%7D&ref=http%3A%2F%2Fheman.monster%2F&s=5de964a6-003e-4a09-9663-311cb580a104&pv=92445c50-00af-42ef-a3da-3cb1ce587314&vp=desktop&lib_name=prebid&lib_v=2.32.0&us=5&ius=1&gdpr=false&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
ee707d2294be202b0f86143a82dacd424711ab254599c2b7e8dd7fd6de7d3bd4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
152
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
88c1f72aa4b0718ea9cbf306cc31dd877cbe74c84e8179be6f256f612ea24bc8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.85:80
AN-X-Request-Uuid
ffd2a7c2-03df-4756-af79-75788a86a7b3
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
hb.undertone.com/ 		0
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2002&domain=heman.monster&gdpr=0&gdprstr=
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.229.132 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-229-132.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
status
204
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
http://heman.monster
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
arj
cafemedia-d.openx.net/w/1.0/ 		172 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fheman.monster%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=adea176a-b8a7-4cf6-8479-eca273fab3bb&nocache=1570791201634&aus=728x90%2C300x250%2C320x50%2C336x280%2C300x50%2C320x100%2C468x60%2C250x250%2C120x240%2C1x1%2C300x300%2C552x334%2C728x250&divIds=AdThrive_Content_1_desktop&auid=538699864&tps=aGlfYXU9bWluaXNjcm9sbGVy&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
d2ab948a3355ade8261ceda8f2a3ced2a44229087cfaa4b58f96b7e923747231

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://heman.monster
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
172
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=2.32.0&referrer=http%3A%2F%2Fheman.monster%2F&tmax=2800
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.206.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-206-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
x-auction-status
3, 3
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
http://heman.monster
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		275 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881398&size_id=15&alt_size_ids=2%2C1%2C14%2C16%2C43%2C44%2C48%2C117&p_pos=unknown&rf=http%3A%2F%2Fheman.monster%2F&tk_flint=pbjs_lite_v2.32.0&x_source.tid=adea176a-b8a7-4cf6-8479-eca273fab3bb&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.8830589596576646
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
a6a23b70f7cf81d20d838a12b8c95592f5fa6dec30aa03c56f536a4fbf797650

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=394
Content-Length
275
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		126 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.184 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.13.10 /
Resource Hash
3543cd0e780c9215f04735ebbd29bcc24124eb26abeca31e9300a4e179fdd1fa

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
Server
nginx/1.13.10
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
126
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4248cf156826a4e7b6c1ea1fdd76f16619e76f4af4703aa05ef016d9a0d8ad0e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.47:80
AN-X-Request-Uuid
bbdbda61-553b-4ff6-8635-3982a1a67753
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
cafemedia-d.openx.net/w/1.0/ 		172 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fheman.monster%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=58a27d0a-7ac5-4c5e-815f-73ff5c77c793&nocache=1570791201643&aus=728x90%2C300x250%2C320x50%2C336x280%2C300x50%2C320x100%2C468x60%2C250x250%2C120x240%2C1x1%2C300x300%2C552x334%2C728x250&divIds=AdThrive_Content_2_desktop&auid=538699865&tps=aGlfYXU9&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
7b2b44b88516279d6f084d53344efceb465eabb5bdb1a7d8601b1afe46efa80e

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://heman.monster
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
172
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		150 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22482611b356cc332%22%3A%22b1824141cebbb58a2929%7C728x90%2C300x250%2C320x50%2C336x280%2C300x50%2C320x100%2C468x60%2C250x250%2C120x240%2C1x1%2C300x300%2C552x334%2C728x250%22%7D&ref=http%3A%2F%2Fheman.monster%2F&s=66b86cb7-e637-4f69-9591-0930b747797f&pv=92445c50-00af-42ef-a3da-3cb1ce587314&vp=desktop&lib_name=prebid&lib_v=2.32.0&us=5&ius=1&gdpr=false&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
315d60fd4fe987c98f4a7ac0f39d89103a096bd6247adb930060f9ba0c915be2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
151
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.32.0
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
5524ab41c2429a1f3da5efc6aa095ed2ac657ad31be2ea2fea99f205f076620d

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://heman.monster
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
auction
tlx.3lift.com/header/ 		19 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=2.32.0&referrer=http%3A%2F%2Fheman.monster%2F&tmax=2800
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.206.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-206-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
x-auction-status
3, 3
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
http://heman.monster
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881400&size_id=15&alt_size_ids=2%2C1%2C14%2C16%2C43%2C44%2C48%2C117&p_pos=unknown&rf=http%3A%2F%2Fheman.monster%2F&tk_flint=pbjs_lite_v2.32.0&x_source.tid=58a27d0a-7ac5-4c5e-815f-73ff5c77c793&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.9387975756470024
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
e5c23c36b7fd933bf457831c06c6bd78b972f131cd7ae2f9fc2478020f4bb8a0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=399
Content-Length
1718
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
http://heman.monster
cygnus
as.casalemedia.com/ 		25 B
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.casalemedia.com/cygnus?s=185762&v=7.2&r=%7B%22id%22%3A%22604ac343f38df9b%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226130518dd79a644%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185762%22%2C%22sid%22%3A%224_1%22%7D%7D%2C%7B%22id%22%3A%2262452b547f734e3%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185762%22%2C%22sid%22%3A%224_2%22%7D%7D%2C%7B%22id%22%3A%2263b7335d84937d%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185762%22%2C%22sid%22%3A%224_4%22%7D%7D%2C%7B%22id%22%3A%2264caee3471ec895%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185762%22%2C%22sid%22%3A%224_5%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fheman.monster%2F%3F%23PD%3Adesktop%23Topic%3APersonal%20Finance%23Topic%3ASB%23Topic%3Aholmm1%23Topic%3Aholbk1%23Topic%3AVDAY%23MCMP%3A%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.104 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-104.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b2920fc18423a819a69ed51102a2a4b0cccd066e0c630678692815a6f7b717b8

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Fri, 11 Oct 2019 10:53:21 GMT
bid-request
a.teads.tv/hb/ 		16 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://heman.monster
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 11 Oct 2019 10:53:21 GMT
cdb
bidder.criteo.com/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.32.0&cb=2597476328
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:20 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://heman.monster
timing-allow-origin
*
vary
Origin
hb
hb.undertone.com/ 		0
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2002&domain=heman.monster&gdpr=0&gdprstr=
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.229.132 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-229-132.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
status
204
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
http://heman.monster
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
http://heman.monster
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
52404a331a4dbf0a-FRA
access-control-allow-headers
origin, content-type
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
995b63dd19719c2f2c752f4673f421eccf3026c6e6a2b196ef66687aedc5c2ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.106:80
AN-X-Request-Uuid
642d8405-09d6-4213-96c2-f3357f25ad17
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
r1post.css
i.po.st/static/v3/css/ 		94 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.po.st/static/v3/css/r1post.css?4_55_0_rel_49
Requested by
Host: i.po.st
URL: https://i.po.st/static/v3/post-widget.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.175 Los Angeles, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A3) /
Resource Hash
56981da1d6154f054910ac0aea204b4bfc0ac2d1bc15699e0cf6ebcfa59a5297

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2019 23:58:13 GMT
server
ECS (fcn/41A3)
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
10153
expires
Tue, 11 Jun 2019 12:38:17 GMT
r1post_retina.css
i.po.st/static/v3/css/ 		4 KB
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.po.st/static/v3/css/r1post_retina.css
Requested by
Host: i.po.st
URL: https://i.po.st/static/v3/post-widget.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.175 Los Angeles, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AB) /
Resource Hash
465aadacf0437f758793e23a81a537cd97384edb3701c034747abbfb373305ee

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2019 23:58:13 GMT
server
ECS (fcn/41AB)
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
573
expires
Fri, 11 Oct 2019 10:53:21 GMT
anchor
www.google.com/recaptcha/api2/ Frame EAF8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduWfYSAAAAAEWTQT7rSlErJAhO9tsxCmfIJuQX&co=aHR0cDovL2hlbWFuLm1vbnN0ZXI6ODA.&hl=en&v=xw1jR43fRSpRG88iDviKn3qM&size=normal&cb=6g2ha7e7wrh4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C8HagXDSTBH6wL3HbiZ5ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LduWfYSAAAAAEWTQT7rSlErJAhO9tsxCmfIJuQX&co=aHR0cDovL2hlbWFuLm1vbnN0ZXI6ODA.&hl=en&v=xw1jR43fRSpRG88iDviKn3qM&size=normal&cb=6g2ha7e7wrh4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

status
200
content-security-policy
script-src 'report-sample' 'nonce-C8HagXDSTBH6wL3HbiZ5ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
content-encoding
gzip
date
Fri, 11 Oct 2019 10:53:21 GMT
expires
Fri, 11 Oct 2019 10:53:21 GMT
cache-control
private, max-age=0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1081
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		126 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.184 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.13.10 /
Resource Hash
131b2d9ae92d3521329e6d3c0332e7323e4a7be2215f39bf0deb4b892f9194d3

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
Server
nginx/1.13.10
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
126
Expires
0
cdb
bidder.criteo.com/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.32.0&cb=55161789717
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:21 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://heman.monster
timing-allow-origin
*
vary
Origin
arj
cafemedia-d.openx.net/w/1.0/ 		173 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fheman.monster%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=d104dd69-41d5-4a33-ace0-48eb56b4dc0b&nocache=1570791201696&aus=728x90%2C320x50%2C320x100%2C468x60&divIds=AdThrive_Header_1_desktop&auid=538699873&tps=aGlfYXU9&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
0cc348ccdad929a093d637122dc59958c470c86eb055fa940dc28c5f93befe48

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://heman.monster
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
173
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881422&size_id=2&alt_size_ids=1%2C43%2C117&p_pos=unknown&rf=http%3A%2F%2Fheman.monster%2F&tk_flint=pbjs_lite_v2.32.0&x_source.tid=d104dd69-41d5-4a33-ace0-48eb56b4dc0b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.4263091149983911
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
6fa513f823cc936392314f3d7c03878d547d74e72a17f4a2fd5a3a0fb5fd93d9

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=363
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
as.casalemedia.com/ 		25 B
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.casalemedia.com/cygnus?s=185774&v=7.2&r=%7B%22id%22%3A%2286488563d212c86%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2287ba42ce3e026bd%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22sid%22%3A%2215_1%22%7D%7D%2C%7B%22id%22%3A%2288837874e37f408%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185774%22%2C%22sid%22%3A%2215_4%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fheman.monster%2F%3F%23PD%3Adesktop%23Topic%3APersonal%20Finance%23Topic%3ASB%23Topic%3Aholmm1%23Topic%3Aholbk1%23Topic%3AVDAY%23MCMP%3A%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.104 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-104.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
22ed4b20b3c6289b46e1cd7ac37ee6f41301d7da99c6b7baac0cccc84480206c

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Fri, 11 Oct 2019 10:53:21 GMT
auction
tlx.3lift.com/header/ 		19 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=2.32.0&referrer=http%3A%2F%2Fheman.monster%2F&tmax=2800
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.206.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-206-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
x-auction-status
3
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
http://heman.monster
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
fbcaad7677c68b21da82107a3c43519a90f53913fc70caa872f964b3cd1a410f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.134:80
AN-X-Request-Uuid
82b5cc60-6a50-4df4-884d-919eb16d7ed6
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.32.0
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
ec84f32d1fcb430e07aef8fb7dd8910b8a65c94d5caad214983aa869b6ae70fb

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://heman.monster
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
v1
dmx.districtm.io/b/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
http://heman.monster
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
52404a336afdbf0a-FRA
access-control-allow-headers
origin, content-type
bid-request
a.teads.tv/hb/ 		16 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://heman.monster
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 11 Oct 2019 10:53:21 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
http://heman.monster
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
d2edf6221e5035fe9721b536656a0454dcb0b9fc48ddb42c26ea4ff002f167bb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.81:80
AN-X-Request-Uuid
a7f59429-1046-4684-ba8a-1561b6ba1778
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		151 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221058243644a4bca2%22%3A%2208546c43f1c9c99b2f34%7C728x90%2C320x50%2C320x100%2C468x60%22%7D&ref=http%3A%2F%2Fheman.monster%2F&s=1145b897-4649-484f-aeec-1840eb02b219&pv=92445c50-00af-42ef-a3da-3cb1ce587314&vp=desktop&lib_name=prebid&lib_v=2.32.0&us=5&ius=1&gdpr=false&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
da866393bb3ffb41ed94716e9857649423e6431535af052e7bf0283d3bb56ae4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-132
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
153
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/ 		358 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PBN79J&l=dataLayerCBias
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b05adbc63f53e0b19d0cf390b9e0a07272cb4c3b82bd8a4456e4bb30103a39b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
br
last-modified
Fri, 11 Oct 2019 09:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
49426
x-xss-protection
0
expires
Fri, 11 Oct 2019 10:53:21 GMT
b2
b.scorecardresearch.com/
Redirect Chain
  • https://b.scorecardresearch.com/b?c1=2&c2=20567959&ns__t=1570791201731&ns_c=UTF-8&cv=3.1e&c8=Printable%20Coupons%20-%20Grocery%20Coupons%20-%20Coupon%20Website%20-%20CouponsLiving%20Rich%20With%20C...
  • https://b.scorecardresearch.com/b2?c1=2&c2=20567959&ns__t=1570791201731&ns_c=UTF-8&cv=3.1e&c8=Printable%20Coupons%20-%20Grocery%20Coupons%20-%20Coupon%20Website%20-%20CouponsLiving%20Rich%20With%20...
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.scorecardresearch.com/b2?c1=2&c2=20567959&ns__t=1570791201731&ns_c=UTF-8&cv=3.1e&c8=Printable%20Coupons%20-%20Grocery%20Coupons%20-%20Coupon%20Website%20-%20CouponsLiving%20Rich%20With%20Coupons%C2%AE&c7=http%3A%2F%2Fheman.monster%2F&c9=
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://b.scorecardresearch.com/b2?c1=2&c2=20567959&ns__t=1570791201731&ns_c=UTF-8&cv=3.1e&c8=Printable%20Coupons%20-%20Grocery%20Coupons%20-%20Coupon%20Website%20-%20CouponsLiving%20Rich%20With%20Coupons%C2%AE&c7=http%3A%2F%2Fheman.monster%2F&c9=
Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		127 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.184 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.13.10 /
Resource Hash
b66d155fd52c1f2e15e817c9bc7909f6305b6522e5a47d38b52684787080f7d8

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
Server
nginx/1.13.10
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
127
Expires
0
trinity.json
apex.go.sonobi.com/ 		151 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22111cd0ddb9721b8d%22%3A%22ae770dbd5c856e025a1d%7C300x250%2C300x600%2C320x50%2C160x600%2C300x1050%2C336x280%2C300x50%2C320x100%2C250x250%2C120x240%2C1x1%2C300x420%22%7D&ref=http%3A%2F%2Fheman.monster%2F&s=8f4016ec-a01f-4ba5-9eb7-c52764bfe879&pv=92445c50-00af-42ef-a3da-3cb1ce587314&vp=desktop&lib_name=prebid&lib_v=2.32.0&us=5&ius=1&gdpr=false&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
32f773df8ddac2947d20c27048611674e1bd15ac90ff4e493e154a54b23cfd89
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
153
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://heman.monster
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 11 Oct 2019 10:53:21 GMT
auction
tlx.3lift.com/header/ 		19 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=2.32.0&referrer=http%3A%2F%2Fheman.monster%2F&tmax=2800
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.206.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-206-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
x-auction-status
3
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
http://heman.monster
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.32.0
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
b97dfaba920ebcdf48e9e47b1dd031831cbb73fb9e885ef7a4af59bc9623a320

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://heman.monster
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		280 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881440&size_id=15&alt_size_ids=9%2C10%2C14%2C16%2C43%2C44%2C54%2C117&p_pos=unknown&rf=http%3A%2F%2Fheman.monster%2F&tk_flint=pbjs_lite_v2.32.0&x_source.tid=845794a3-2024-46cb-9945-bc2822115952&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.02385999896537716
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
12ff975787adf9e71d2e67e02c098721c2b5d80b4f15c49a557be278928c663f

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=341
Content-Length
280
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
2979ccddcadef5ea16dcc234d478a06f5665d291f9d283fcae36658c71c0ffa4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.246:80
AN-X-Request-Uuid
c6864657-ea3c-4e31-b4bd-ea1926bff02b
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.32.0&cb=36265182726
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:20 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://heman.monster
timing-allow-origin
*
vary
Origin
v1
dmx.districtm.io/b/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
http://heman.monster
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
52404a339b33bf0a-FRA
access-control-allow-headers
origin, content-type
hb
hb.undertone.com/ 		0
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2002&domain=heman.monster&gdpr=0&gdprstr=
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.229.132 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-229-132.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
status
204
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
http://heman.monster
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
a485cf2e2ad894f4fc341698ef0b08942defb525185618f2825d2a7dcfd8dd77
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.44:80
AN-X-Request-Uuid
153b06e4-6a43-4c7f-a220-1d00e011bb78
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
http://heman.monster
arj
cafemedia-d.openx.net/w/1.0/ 		172 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fheman.monster%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=845794a3-2024-46cb-9945-bc2822115952&nocache=1570791201747&aus=300x250%2C300x600%2C320x50%2C160x600%2C300x1050%2C336x280%2C300x50%2C320x100%2C250x250%2C120x240%2C1x1%2C300x420&divIds=AdThrive_Sidebar_1_desktop&auid=538699853&tps=aGlfYXU9&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
0723ea212c8f0ec0aa75d14e224c27bdf2f4f8b07d7feb73522819a8ec15899b

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://heman.monster
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
172
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
as.casalemedia.com/ 		26 B
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.casalemedia.com/cygnus?s=185787&v=7.2&r=%7B%22id%22%3A%221372a50b91a0e12d%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22138f00d28457a657%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185787%22%2C%22sid%22%3A%2227_1%22%7D%7D%2C%7B%22id%22%3A%22139201971f4891b7%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185787%22%2C%22sid%22%3A%2227_2%22%7D%7D%2C%7B%22id%22%3A%22140e99e8c73157b8%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185787%22%2C%22sid%22%3A%2227_4%22%7D%7D%2C%7B%22id%22%3A%221414bbea704727cf%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185787%22%2C%22sid%22%3A%2227_5%22%7D%7D%2C%7B%22id%22%3A%221428351f042e3146%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185787%22%2C%22sid%22%3A%2227_3%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fheman.monster%2F%3F%23PD%3Adesktop%23Topic%3APersonal%20Finance%23Topic%3ASB%23Topic%3Aholmm1%23Topic%3Aholbk1%23Topic%3AVDAY%23MCMP%3A%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.104 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-104.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
77d55dea22ea3ee6f0f8aae7605bdce014554eff4f4cdf7a70e0a7134260ce42

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
46
Expires
Fri, 11 Oct 2019 10:53:21 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2596
date
Fri, 11 Oct 2019 10:10:05 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 11 Oct 2019 12:10:05 GMT
308519652912505
connect.facebook.net/signals/config/ 		280 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/308519652912505?v=2.9.5&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
47d96b9a3ae9a22c13d9060e0f62c6dc3a3b465bca2fd22f99c4cca557e20225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-trip-id
1554255614
pragma
public
x-fb-debug
bev+TUq6Vqs6gpd15ncy5Tyg7TDOTlv/zqWK5wfN7SgqfvZ2Skb7eO+R2YqUWkry9cQhE57LFrc+nesLO+ezrg==
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
DENY
date
Fri, 11 Oct 2019 10:53:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
vary
Accept-Encoding
content-length
66233
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		126 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.184 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.13.10 /
Resource Hash
9c64af091fb4c66e9c61db03216d6b7e9637b5661d5e97114e3e85d97a0c833b

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:24 GMT
Server
nginx/1.13.10
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
126
Expires
0
trinity.json
apex.go.sonobi.com/ 		151 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22148c5b69eed65d04%22%3A%22c185c26b43fffcdbd8ac%7C300x250%2C320x50%2C336x280%2C320x100%2C250x250%2C120x240%22%7D&ref=http%3A%2F%2Fheman.monster%2F&s=bd9633c5-7cda-4c22-a7ab-e0c4a4468b2d&pv=92445c50-00af-42ef-a3da-3cb1ce587314&vp=desktop&lib_name=prebid&lib_v=2.32.0&us=5&ius=1&gdpr=false&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
533bc73e189bf7816849794cbb70a601caa8a097ac4b941040ebc37e63f8aa63
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
152
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=2.32.0&referrer=http%3A%2F%2Fheman.monster%2F&tmax=2800
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.206.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-206-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
x-auction-status
3
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
http://heman.monster
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.32.0&cb=2863541475
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:21 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://heman.monster
timing-allow-origin
*
vary
Origin
v1
dmx.districtm.io/b/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
http://heman.monster
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
52404a34bc8abf0a-FRA
access-control-allow-headers
origin, content-type
bid
ap.lijit.com/rtb/ 		25 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.32.0
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
cae03aed2c650f2b7d32dd2a1a64630eb3a40484a6cbefcec300a5da2c93d4e7

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://heman.monster
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
712cbfabc07910fc426d055fa79fdbb9d20e2430cd881adbfc85464be8194bd9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.239:80
AN-X-Request-Uuid
c739fa76-bdbb-4454-b6e5-2806bb17965e
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
hb.undertone.com/ 		0
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2002&domain=heman.monster&gdpr=0&gdprstr=
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.229.132 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-224-229-132.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
status
204
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
http://heman.monster
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://heman.monster
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 11 Oct 2019 10:53:22 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
6709842573a8abca6a156b2ea216637124e110dc4b0cf12ece1b8e79f6c0e2b2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.103:80
AN-X-Request-Uuid
17a99574-119c-410a-b756-0895c7c9f198
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
cafemedia-d.openx.net/w/1.0/ 		173 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fheman.monster%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=febcd3ff-ba08-4ce2-aecb-a60c43175767&nocache=1570791201922&aus=300x250%2C320x50%2C336x280%2C320x100%2C250x250%2C120x240&divIds=AdThrive_Sidebar_9_desktop&auid=538699861&tps=aGlfYXU9&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
443caf56e2ae77a62ab3575d872b687dabff182cc45246f02d6cfc1fba6a26a8

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://heman.monster
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
173
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		269 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881478&size_id=15&alt_size_ids=14%2C16%2C43%2C117&p_pos=unknown&rf=http%3A%2F%2Fheman.monster%2F&tk_flint=pbjs_lite_v2.32.0&x_source.tid=febcd3ff-ba08-4ce2-aecb-a60c43175767&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.22551677472323783
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
f0021d68103ea68726752e4b15a4575ff31339466f47d69811fd812da25c0658

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=406
Content-Length
269
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
http://heman.monster
cygnus
as.casalemedia.com/ 		26 B
896 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.casalemedia.com/cygnus?s=185795&v=7.2&r=%7B%22id%22%3A%22172b1dc94b7e0961%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2217392b8d138e9fe3%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185795%22%2C%22sid%22%3A%2235_1%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fheman.monster%2F%3F%23PD%3Adesktop%23Topic%3APersonal%20Finance%23Topic%3ASB%23Topic%3Aholmm1%23Topic%3Aholbk1%23Topic%3AVDAY%23MCMP%3A%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.104 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-104.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
963f94c4d798ef9cba1d464c6dc4715fabb93d0763fcdbf7bc5bf2363b060d6f

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:22 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
46
Expires
Fri, 11 Oct 2019 10:53:22 GMT
copyPaste.js
i.po.st/static/v3/js/external/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.po.st/static/v3/js/external/copyPaste.js
Requested by
Host: i.po.st
URL: https://i.po.st/static/v3/post-widget.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.175 Los Angeles, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40FE) /
Resource Hash
fb319d26019b544217d85f9670fc7fabd7a34c263ecf6ee3229ed79db2110cbb

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2019 23:58:13 GMT
server
ECS (fcn/40FE)
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
1501
expires
Thu, 19 Sep 2019 19:38:26 GMT
beacon.js
b.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.scorecardresearch.com/beacon.js
Requested by
Host: i.po.st
URL: https://i.po.st/static/v3/post-widget.js?ver=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
901
Expires
Sat, 12 Oct 2019 10:53:21 GMT
status
po.st/v1/ 		90 B
386 B 		Script
General
Check archive.org
Download Go to
Full URL
https://po.st/v1/status?pubKey=qdeqnbnds79lcc7bd2f6&1570791201931&callback=r1PoStJSONP9600
Requested by
Host: i.po.st
URL: https://i.po.st/static/v3/post-widget.js?ver=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.217.253.90 , United States, ASN10913 (INTERNAP-BLK - Internap Corporation, US),
Reverse DNS
Software
post/2.0 /
Resource Hash
f48a757b9db644d77b35d580148ace016613caed08c87f512e045b68c862c228

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:22 GMT
Server
post/2.0
Content-type
application/javascript;charset=UTF-8
Cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
close
Content-Length
90
Expires
Tue, 29 Oct 2002 19:50:44 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1242689778003560&correlator=198497659472112&output=ldjh&impl=fifs&adsid=NT&eid=21064169%2C21064520&vrg=2019100701&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20191011&iu_parts=18190176%2CAdThrive_Content_1%2C58fa6be2fda2bb5a837bdfd2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C300x250%7C320x50%7C336x280%7C300x50%7C320x100%7C468x60%7C250x250%7C120x240%7C1x1%7C300x300%7C552x334%7C728x250&fluid=height&fsbs=1&prev_scp=location%3DContent%26sequence%3D1%26id%3DAdThrive_Content_1_desktop%26ATF%3Dtrue%26xfloor%3D0.3%26refresh%3D00&eri=5&cust_params=siteId%3D58fa6be2fda2bb5a837bdfd2%26siteName%3DLiving%2520Rich%2520With%2520Coupons%26verticals%3DPersonal%2520Finance%26deal%3D%26abgroup%3Dhbho%253Aixlibrary%252Cdynflr%253Abuyrules%252Cloglevel%253Aoff%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_districtm%253Aoff%252Cpbs2s_sovrn%253Aoff%252Cpbs2s_openx%253Aoff%252Cpbs2s_pubmatic%253Aoff%252Cpbs2s_rubicon%253Aoff%252Croxot%253Aoff%252Cto_initial%253A2800%252Cidmod%253Aon%252Cemx%253Aoff%252Csbi%253Aon%252Cdecref%253Aon%26bucket%3Dgdpr%26topics%3DSB%252Cholmm1%252Cholbk1%252CVDAY%26site_code%3D%26marmalade%3Dfalse%26domain%3Dheman.monster%26hi_au%3Danimatedfooter%252Cminiscroller%252Cnativemobilecontent%252Cnativedesktopcontent%252Cnativedesktopsidebar%252Cnativedesktoprecipe%252Cnativemobilerecipe%252Coutstreammobile%26vpwxvph%3D1600x1200%26ri%3D29%26pvk%3D01DPX776REGGFY8JHD2E414G41%26sess%3D01DPX776RE4K89AT0T09JAFBKQ%26branch%3Dgdpr%252369a1e3c%26niet%3D4g%26utm_medium%3D(not%2520set)%26utm_campaign%3D(not%2520set)%26utm_session%3D(not%2520set)%26utm_source%3D(not%2520set)&cookie_enabled=1&cdm=heman.monster&bc=23&abxe=1&lmt=1570791201&dt=1570791201947&dlt=1570791200710&idt=497&frm=20&biw=1585&bih=1200&oid=3&adxs=198&adys=1227&adks=1329467191&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.livingrichwithcoupons.com%2F&loc=http%3A%2F%2Fheman.monster%2F&dssz=91&icsg=0&std=0&vis=1&scr_x=0&scr_y=0&psz=789x346&msz=784x100&ga_vid=1228925882.1570791202&ga_sid=1570791202&ga_hid=1246555302&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
5f1b607cc85335f8a543f36ec8e21f949ce78dcafe9b7b96d45733569654e7f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5039
x-xss-protection
0
google-lineitem-id
5139771563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234767358
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://heman.monster
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019100701.js
securepubads.g.doubleclick.net/gpt/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
f46c1a968e9e532345da24d5fefb386ae911a1ea50e44338715259f9fcf1ece5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Oct 2019 13:07:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24739
x-xss-protection
0
expires
Fri, 11 Oct 2019 10:53:21 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		126 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.184 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.13.10 /
Resource Hash
245330bb2587f51f01a2e2353add087706676210682d909a8d95828a9490d5e4

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:24 GMT
Server
nginx/1.13.10
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
126
Expires
0
bid-request
a.teads.tv/hb/ 		16 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://heman.monster
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 11 Oct 2019 10:53:22 GMT
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
23f58aa582f221d09e5424b6cd60976580f8e4abf833ab4aefff9dee1b7f9ed0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:24 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.180:80
AN-X-Request-Uuid
eb5309c1-53ed-4605-abaa-ea0eecd90f65
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
http://heman.monster
v1
dmx.districtm.io/b/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
http://heman.monster
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
52404a350ce5bf0a-FRA
access-control-allow-headers
origin, content-type
bid
ap.lijit.com/rtb/ 		25 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.32.0
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
2f9128862212919617c760f1ad272fed65812e022977558953b44488410e0f18

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://heman.monster
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
cygnus
as.casalemedia.com/ 		26 B
896 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.casalemedia.com/cygnus?s=185770&v=7.2&r=%7B%22id%22%3A%22189159fda9075bf5%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221906c435162e9d31%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%2212_1%22%7D%7D%2C%7B%22id%22%3A%2219106e76afe77bbf%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%2212_3%22%7D%7D%2C%7B%22id%22%3A%221927c99e42c7bd5c%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%2212_2%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fheman.monster%2F%3F%23PD%3Adesktop%23Topic%3APersonal%20Finance%23Topic%3ASB%23Topic%3Aholmm1%23Topic%3Aholbk1%23Topic%3AVDAY%23MCMP%3A%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.104 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-104.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
07ddc9d74d0e33a5cbc634b789df87e2f12dbd0a8ff17c71e25a2e7b29abdf5c

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:22 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
46
Expires
Fri, 11 Oct 2019 10:53:22 GMT
arj
cafemedia-d.openx.net/w/1.0/ 		172 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fheman.monster%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=61217f30-38f7-4831-a639-4d0db71c54de&nocache=1570791201966&aus=728x90%2C320x50%2C970x90%2C300x50%2C320x100%2C468x60%2C1x1&divIds=AdThrive_Footer_1_desktop&auid=538699840&tps=aGlfYXU9&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
a866f2ddcfad45c62d3b375ed5d353751e4e166d0bd40dd53395cd9810ee2642

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
via
1.1 google
server
OXGW/16.163.0
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://heman.monster
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
172
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		270 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881416&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117&p_pos=unknown&rf=http%3A%2F%2Fheman.monster%2F&tk_flint=pbjs_lite_v2.32.0&x_source.tid=61217f30-38f7-4831-a639-4d0db71c54de&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.09771095371014571
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
83ad30ad3d868f3dbd6b0385dbf99c13a2f9b6da3232544127e0e9717754fc57

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=10
Content-Length
270
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=2.32.0&referrer=http%3A%2F%2Fheman.monster%2F&tmax=2800
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.206.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-206-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:21 GMT
x-auction-status
3
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
http://heman.monster
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.32.0&cb=73826226581
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:20 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://heman.monster
timing-allow-origin
*
vary
Origin
imp
g2.gumgum.com/hbid/ 		942 B
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=g95nznmj&pi=2&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fheman.monster%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.livingrichwithcoupons.com%2F&ns=9523&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.74.35 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-74-35.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6a4a04dc1af2dcdf6e22f566e3bba28f4ced6ba9aa8e91b380fe5cfd01fe8fc7

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://heman.monster
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
trinity.json
apex.go.sonobi.com/ 		151 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222044bfbd0990d487%22%3A%22d27a3a50cff6192a4f81%7C728x90%2C320x50%2C970x90%2C300x50%2C320x100%2C468x60%2C1x1%22%7D&ref=http%3A%2F%2Fheman.monster%2F&s=586715a8-a4ee-4666-bf10-2065be4bd4d4&pv=92445c50-00af-42ef-a3da-3cb1ce587314&vp=desktop&lib_name=prebid&lib_v=2.32.0&us=5&ius=1&gdpr=false&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
a2c2cd50ca7b2b99c838b08546a3e7ac1eaac631ed6b8ac7a705ef828e1c50ce
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:21 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
153
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
a99d6557fbed42726fbfcd3d832c8290ed026bfffaeff69c9acf7d29941b8ba4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:24 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.46:80
AN-X-Request-Uuid
cd2be159-5005-4f2a-962c-a614f066c98b
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://heman.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1242689778003560&correlator=3238641627082442&output=ldjh&impl=fifs&adsid=NT&eid=21064169%2C21064520&vrg=2019100701&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20191011&iu_parts=18190176%2CAdThrive_Header_1%2C58fa6be2fda2bb5a837bdfd2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C320x50%7C320x100%7C468x60&fluid=height&fsbs=1&prev_scp=location%3DHeader%26sequence%3D1%26id%3DAdThrive_Header_1_desktop%26xfloor%3D0.3%26refresh%3D00&eri=5&cust_params=siteId%3D58fa6be2fda2bb5a837bdfd2%26siteName%3DLiving%2520Rich%2520With%2520Coupons%26verticals%3DPersonal%2520Finance%26deal%3D%26abgroup%3Dhbho%253Aixlibrary%252Cdynflr%253Abuyrules%252Cloglevel%253Aoff%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_districtm%253Aoff%252Cpbs2s_sovrn%253Aoff%252Cpbs2s_openx%253Aoff%252Cpbs2s_pubmatic%253Aoff%252Cpbs2s_rubicon%253Aoff%252Croxot%253Aoff%252Cto_initial%253A2800%252Cidmod%253Aon%252Cemx%253Aoff%252Csbi%253Aon%252Cdecref%253Aon%26bucket%3Dgdpr%26topics%3DSB%252Cholmm1%252Cholbk1%252CVDAY%26site_code%3D%26marmalade%3Dfalse%26domain%3Dheman.monster%26hi_au%3Danimatedfooter%252Cminiscroller%252Cnativemobilecontent%252Cnativedesktopcontent%252Cnativedesktopsidebar%252Cnativedesktoprecipe%252Cnativemobilerecipe%252Coutstreammobile%26vpwxvph%3D1600x1200%26ri%3D29%26pvk%3D01DPX776REGGFY8JHD2E414G41%26sess%3D01DPX776RE4K89AT0T09JAFBKQ%26branch%3Dgdpr%252369a1e3c%26niet%3D4g%26utm_medium%3D(not%2520set)%26utm_campaign%3D(not%2520set)%26utm_session%3D(not%2520set)%26utm_source%3D(not%2520set)&cookie_enabled=1&cdm=heman.monster&bc=23&abxe=1&lmt=1570791201&dt=1570791201971&dlt=1570791200710&idt=497&frm=20&biw=1585&bih=1200&oid=3&adxs=429&adys=231&adks=2070549404&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.livingrichwithcoupons.com%2F&loc=http%3A%2F%2Fheman.monster%2F&dssz=92&icsg=0&std=0&vis=1&scr_x=0&scr_y=0&psz=728x100&msz=728x100&ga_vid=1228925882.1570791202&ga_sid=1570791202&ga_hid=1246555302&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
cc163c04148fab47288854ba461ec9e3c213973513ad4167f7064716c12d2a99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5003
x-xss-protection
0
google-lineitem-id
5139771563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138248641369
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://heman.monster
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1246555302&t=pageview&_s=1&dl=http%3A%2F%2Fheman.monster%2F&ul=en-us&de=UTF-8&dt=Printable%20Coupons%20-%20Grocery%20Coupons%20-%20Coupon%20Website%20-%20CouponsLiving%20Rich%20With%20Coupons%C2%AE%7C%23%7C&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YChAgEABC~&jid=745901249&gjid=1807514158&cid=1228925882.1570791202&tid=UA-138379464-38&_gid=1518144767.1570791202&z=1793016775
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Oct 2019 18:03:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
146984
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-138379464-38&cid=1228925882.1570791202&jid=745901249&gjid=1807514158&_gid=1518144767.1570791202&_u=YChAgEABC~&z=957288957
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 11 Oct 2019 10:53:21 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 1187 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
4439
pragma
no-cache
cache-control
no-cache
origin
http://heman.monster
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
fr=0bhX7ZF5jVEH6bQdY..BdoF8h...1.0.BdoF8h.
Origin
http://heman.monster
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

status
200
content-type
text/plain
access-control-allow-origin
http://heman.monster
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Fri, 11 Oct 2019 10:53:22 GMT
/
www.facebook.com/tr/ 		44 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=308519652912505&ev=PageView&dl=http%3A%2F%2Fheman.monster%2F&rl=&if=false&ts=1570791201992&sw=1600&sh=1200&v=2.9.5&r=stable&ec=0&o=30&fbp=fb.1.1570791201458.1448124727&it=1570791201245&coo=false&exp=w0&rqm=GET
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 11 Oct 2019 10:53:22 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1242689778003560&correlator=2383451438727157&output=ldjh&impl=fifs&adsid=NT&eid=21064169%2C21064520&vrg=2019100701&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20191011&iu_parts=18190176%2CAdThrive_Sidebar_1%2C58fa6be2fda2bb5a837bdfd2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x600%7C320x50%7C160x600%7C300x1050%7C336x280%7C300x50%7C320x100%7C250x250%7C120x240%7C1x1%7C300x420&fluid=height&fsbs=1&prev_scp=location%3DSidebar%26sequence%3D1%26id%3DAdThrive_Sidebar_1_desktop%26xfloor%3D0.3%26refresh%3D00&eri=5&cust_params=siteId%3D58fa6be2fda2bb5a837bdfd2%26siteName%3DLiving%2520Rich%2520With%2520Coupons%26verticals%3DPersonal%2520Finance%26deal%3D%26abgroup%3Dhbho%253Aixlibrary%252Cdynflr%253Abuyrules%252Cloglevel%253Aoff%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_districtm%253Aoff%252Cpbs2s_sovrn%253Aoff%252Cpbs2s_openx%253Aoff%252Cpbs2s_pubmatic%253Aoff%252Cpbs2s_rubicon%253Aoff%252Croxot%253Aoff%252Cto_initial%253A2800%252Cidmod%253Aon%252Cemx%253Aoff%252Csbi%253Aon%252Cdecref%253Aon%26bucket%3Dgdpr%26topics%3DSB%252Cholmm1%252Cholbk1%252CVDAY%26site_code%3D%26marmalade%3Dfalse%26domain%3Dheman.monster%26hi_au%3Danimatedfooter%252Cminiscroller%252Cnativemobilecontent%252Cnativedesktopcontent%252Cnativedesktopsidebar%252Cnativedesktoprecipe%252Cnativemobilerecipe%252Coutstreammobile%26vpwxvph%3D1600x1200%26ri%3D29%26pvk%3D01DPX776REGGFY8JHD2E414G41%26sess%3D01DPX776RE4K89AT0T09JAFBKQ%26branch%3Dgdpr%252369a1e3c%26niet%3D4g%26utm_medium%3D(not%2520set)%26utm_campaign%3D(not%2520set)%26utm_session%3D(not%2520set)%26utm_source%3D(not%2520set)&cookie_enabled=1&cdm=heman.monster&bc=23&abxe=1&lmt=1570791202&dt=1570791202002&dlt=1570791200710&idt=497&frm=20&biw=1585&bih=1200&oid=3&adxs=1019&adys=448&adks=1695451707&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.livingrichwithcoupons.com%2F&loc=http%3A%2F%2Fheman.monster%2F&dssz=92&icsg=0&std=0&vis=1&scr_x=0&scr_y=0&psz=400x1236&msz=348x250&ga_vid=1228925882.1570791202&ga_sid=1570791202&ga_hid=1246555302&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
34e1378a42c7969df4e785280bee2dd0eb10d810dca87a15c4912c56e9364a19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5674
x-xss-protection
0
google-lineitem-id
5139771563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234767355
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://heman.monster
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
shareQuote.js
i.po.st/static/v3/js/external/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.po.st/static/v3/js/external/shareQuote.js
Requested by
Host: i.po.st
URL: https://i.po.st/static/v3/post-widget.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.175 Los Angeles, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4188) /
Resource Hash
5c4b751cbb0c0fbdabec0e7dc0c5d9f59bc13be9c7b8ffe03a51bec6065a03d9

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2019 23:58:13 GMT
server
ECS (fcn/4188)
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
max-age=43200
accept-ranges
bytes
content-length
1749
expires
Fri, 11 Oct 2019 10:53:22 GMT
b
b.scorecardresearch.com/ 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.scorecardresearch.com/b?c1=7&c2=8973917&c3=1&ns__t=1570791202013&ns_c=UTF-8&cv=3.1&c8=Printable%20Coupons%20-%20Grocery%20Coupons%20-%20Coupon%20Website%20-%20CouponsLiving%20Rich%20With%20Coupons%C2%AE&c7=http%3A%2F%2Fheman.monster%2F&c9=
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:22 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
share2quote.css
i.po.st/static/v3/css/ 		2 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.po.st/static/v3/css/share2quote.css
Requested by
Host: i.po.st
URL: https://i.po.st/static/v3/post-widget.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.175 Los Angeles, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4187) /
Resource Hash
02d7e3ee6bcda400b27afeade3e3f204fe9cc150b258485db69fb5a9429f6599

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:24 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2019 23:58:13 GMT
server
ECS (fcn/4187)
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
636
expires
Fri, 11 Oct 2019 10:53:24 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011909241711100/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
37a8b06eab08134f2037c797f4596c7688dd564a8395cb7e072577f371d8f993
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"beb093e69c81d951"
age
39266
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7119
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 23:58:56 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 23:58:56 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011909241711100/ Frame 755E 		252 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d157866400e2e50e077448f9cf06a9f29f70e031612ad6679d3626909a4c4e5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"96c1a383c63a0e85"
age
73819
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
70044
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 14:23:03 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 14:23:03 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 755E 		150 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-analytics-0.1.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
197c294e1520b32d787d2678660c02fd195c1c93fee3441de596ef22c34ed425
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"31e12d286572e15e"
age
223161
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40838
x-xss-protection
0
server
sffe
date
Tue, 08 Oct 2019 20:54:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Wed, 07 Oct 2020 20:54:01 GMT
truncated
/ Frame 755E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
438a6578ed575e525d8cb95217dd546c6c92f942a2d6e20780a2671030f4cb9f

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
15842465133016810807
tpc.googlesyndication.com/simgad/ Frame 755E 		43 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15842465133016810807
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 03:45:20 GMT
x-content-type-options
nosniff
age
25682
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Wed, 30 May 2018 18:01:52 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Oct 2020 03:45:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 755E 		0
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPpszVP37K3WtJw781KiSusFK0ZAqNJzIjFnTWBVvPl5d3RpZvnUnwHLaGxjdc46SI7IHKohnKBjrX6XP2iRK8GkwJEP6tWg_Aw3FZeacE6dSIr94U0iPQsmNu1pymvabCfFAhdXUFLBVnUluOa5IWf8qfhyNCPfLOSIsGuKY5IUcfq6mn0Zf_zuCrFsEbrvw0hn41mITLBlskYOwaQG1Um6FCAf_mrBgmFa6_OKBFMNiFKljSspvOV-DWHU3UDJ2i7NFM0hUjbIjp3hH_Z192fc9A1yVPmp06IFK30fZzDfEfch8MB_h04VAXllw-P8K3&sai=AMfl-YS7xk_5d_cC31p4q5ZbD9mkA5KPhZkjc9QzH3zMoJ-hX_Ejz66z78ZbKu8JTJ4CO5Vxu5ZfIAlb5zoqSnP5_I0FL32XcVxzE_QqpbrhIA&sig=Cg0ArKJSzN5eShzLsqm4EAE&adurl=
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Oct 2019 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 11 Oct 2019 10:53:22 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011909241711100/ Frame C3B5 		252 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d157866400e2e50e077448f9cf06a9f29f70e031612ad6679d3626909a4c4e5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"96c1a383c63a0e85"
age
73819
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
70044
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 14:23:03 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 14:23:03 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame C3B5 		150 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-analytics-0.1.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
197c294e1520b32d787d2678660c02fd195c1c93fee3441de596ef22c34ed425
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"31e12d286572e15e"
age
223161
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40838
x-xss-protection
0
server
sffe
date
Tue, 08 Oct 2019 20:54:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Wed, 07 Oct 2020 20:54:01 GMT
15842465133016810807
tpc.googlesyndication.com/simgad/ Frame C3B5 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15842465133016810807
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 03:45:20 GMT
x-content-type-options
nosniff
age
25682
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Wed, 30 May 2018 18:01:52 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Oct 2020 03:45:20 GMT
truncated
/ Frame C3B5 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d9fae699e3213f46b6d2dc0ea7acba6d0937d5d8ad19a77d697fe92ad449f1e

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C3B5 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0e33OnnlxCcBNFMbIiKaAH2lXJuBYaxTswIQd-396CkWCSnbyWCcXnQYTgff8bHHPDHR-C1wrraXQTZ2CcvhKBmzkFyZvnP7X9nW33Z_x3IJObSQBTksGLn2xMXR4aLObEptAV4uLNtf0K1UWm5-kbRjY1J-tZDWJr5Vb7Nzt0ZFMjhdUqjtTCljOlnmBEcamZgWlPLWEuoTGmD4pXE3XclZyWU543wuLBb0a2qg4cz32dew35Gf2gLv9se0SkD7F9kPYkIIhbGNblpBz53wgrxKIz5ktQ_m_X9STck1Bk4Iy7-QkaB5151HZyBxX3cWRcQ&sai=AMfl-YSNzdXAvoA1lvUgmOWJULlg-DDr6_A5yceXtY0xwGD3UG_yKZMJR4Bt5OLJSQBxrDpC9_hWyzktTJoLZQlWegkubw8_kTcCCLMcNd7W9A&sig=Cg0ArKJSzEV1zoWuaOJVEAE&adurl=
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Oct 2019 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
amp4ads-v0.js
cdn.ampproject.org/rtv/011909241711100/ Frame 6296 		252 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d157866400e2e50e077448f9cf06a9f29f70e031612ad6679d3626909a4c4e5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"96c1a383c63a0e85"
age
73819
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
70044
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 14:23:03 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 14:23:03 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 6296 		150 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011909241711100/v0/amp-analytics-0.1.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
197c294e1520b32d787d2678660c02fd195c1c93fee3441de596ef22c34ed425
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"31e12d286572e15e"
age
223161
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40838
x-xss-protection
0
server
sffe
date
Tue, 08 Oct 2019 20:54:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Wed, 07 Oct 2020 20:54:01 GMT
15842465133016810807
tpc.googlesyndication.com/simgad/ Frame 6296 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15842465133016810807
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 03:45:20 GMT
x-content-type-options
nosniff
age
25682
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Wed, 30 May 2018 18:01:52 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Oct 2020 03:45:20 GMT
truncated
/ Frame 6296 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3072dc869a6e27098d1eb6ca54cddc752e0af85f94c58b38ec89accfb6dd2f8

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6296 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt31O1XcoXcle8hg1X1D8a25T-jsrArYfdu3VczGonPCSyaFLHyRzEFQwvtNM4zVGwlE6zm3ZELyGgegd3VvhM5eQA09yi7vnfke5dR8tFqC47NUrsl9CaEWkI10XSJ_XXeYXtOS5but6BnSN0hlBztXSdO7ZN9TDWR8Lq_TRw-8mW3O0gjGNDVmHtlPjkK4uUeMpvtd_rtvT45uZ_7WN6vxYrnMsBizPxo0fL8hfozBkG3mdNQA_Xs-_xyyddY_g4gFMA4zMuTpYFfhNgEtaCF87IGqk12fMamRZkwgVWeoKXsFHcCOUZ8RzJDnBgBBAFoQ&sai=AMfl-YTP_POAlCN_StsV9QYNUshvot5uT34t7yPzLu46UenPy4O8RFoTR5EogSiYtzTt7JjoRbvLdidG1ESHvHZXkXgvJ0-gdRWlZ0SJsKDt&sig=Cg0ArKJSzCHhjPpUw4RlEAE&adurl=
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Oct 2019 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 11 Oct 2019 10:53:22 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1242689778003560&correlator=2221165394967734&output=ldjh&impl=fifs&adsid=NT&eid=21064169%2C21064520&vrg=2019100701&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20191011&iu_parts=18190176%2CAdThrive_Sidebar_9%2C58fa6be2fda2bb5a837bdfd2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C320x50%7C336x280%7C320x100%7C250x250%7C120x240&fluid=height&fsbs=1&prev_scp=location%3DSidebar%26sequence%3D9%26id%3DAdThrive_Sidebar_9_desktop%26sticky%3Dtrue%26xfloor%3D0.3%26refresh%3D00&eri=5&cust_params=siteId%3D58fa6be2fda2bb5a837bdfd2%26siteName%3DLiving%2520Rich%2520With%2520Coupons%26verticals%3DPersonal%2520Finance%26deal%3D%26abgroup%3Dhbho%253Aixlibrary%252Cdynflr%253Abuyrules%252Cloglevel%253Aoff%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_districtm%253Aoff%252Cpbs2s_sovrn%253Aoff%252Cpbs2s_openx%253Aoff%252Cpbs2s_pubmatic%253Aoff%252Cpbs2s_rubicon%253Aoff%252Croxot%253Aoff%252Cto_initial%253A2800%252Cidmod%253Aon%252Cemx%253Aoff%252Csbi%253Aon%252Cdecref%253Aon%26bucket%3Dgdpr%26topics%3DSB%252Cholmm1%252Cholbk1%252CVDAY%26site_code%3D%26marmalade%3Dfalse%26domain%3Dheman.monster%26hi_au%3Danimatedfooter%252Cminiscroller%252Cnativemobilecontent%252Cnativedesktopcontent%252Cnativedesktopsidebar%252Cnativedesktoprecipe%252Cnativemobilerecipe%252Coutstreammobile%26vpwxvph%3D1600x1200%26ri%3D29%26pvk%3D01DPX776REGGFY8JHD2E414G41%26sess%3D01DPX776RE4K89AT0T09JAFBKQ%26branch%3Dgdpr%252369a1e3c%26niet%3D4g%26utm_medium%3D(not%2520set)%26utm_campaign%3D(not%2520set)%26utm_session%3D(not%2520set)%26utm_source%3D(not%2520set)&cookie=ID%3D618b1245a7470117%3AT%3D1570791202%3AS%3DALNI_MbgfoTfmEAgDCkXvB3MNvhdzZIhbA&cookie_enabled=1&cdm=heman.monster&bc=23&abxe=1&lmt=1570791202&dt=1570791202163&dlt=1570791200710&idt=497&frm=20&biw=1585&bih=1200&oid=3&adxs=1019&adys=1290&adks=1717119552&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.livingrichwithcoupons.com%2F&loc=http%3A%2F%2Fheman.monster%2F&dssz=91&icsg=0&std=0&vis=1&scr_x=0&scr_y=0&psz=400x1236&msz=348x250&psts=CjQIq-HqkhNCBcfejLIBeAHoAf7PvPuCBIICEKCamQiYm5kIsPvHD4DCwyPRAp258vGI_1Le%2CCjQIq-HqkhNCBcfejLIBeAHoAdm2i4KDBIICEKCamQiYm5kI6IPID7jKwyPRAjHFiQytERXU%2CCjQIq-HqkhNCBcfejLIBeAHoAfvPvPuCBIICEKCamQiYm5kI2IXID6jMwyPRAoUFj-vQsGSv&ga_vid=1228925882.1570791202&ga_sid=1570791202&ga_hid=1246555302&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
66531ea727f4f75828051417adcaefd6c57e9523ec78bf8cba78d23f746a459c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4433
x-xss-protection
0
google-lineitem-id
5139771563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138248453528
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://heman.monster
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1242689778003560&correlator=634191064896764&output=ldjh&impl=fifs&adsid=NT&eid=21064169%2C21064520&vrg=2019100701&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20191011&iu_parts=18190176%2CAdThrive_Footer_1%2C58fa6be2fda2bb5a837bdfd2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C320x50%7C970x90%7C300x50%7C320x100%7C468x60%7C1x1&fluid=height&fsbs=1&prev_scp=location%3DFooter%26sequence%3D1%26id%3DAdThrive_Footer_1_desktop%26ATF%3Dtrue%26sticky%3Dtrue%26xfloor%3D0.3%26refresh%3D00&eri=5&cust_params=siteId%3D58fa6be2fda2bb5a837bdfd2%26siteName%3DLiving%2520Rich%2520With%2520Coupons%26verticals%3DPersonal%2520Finance%26deal%3D%26abgroup%3Dhbho%253Aixlibrary%252Cdynflr%253Abuyrules%252Cloglevel%253Aoff%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_districtm%253Aoff%252Cpbs2s_sovrn%253Aoff%252Cpbs2s_openx%253Aoff%252Cpbs2s_pubmatic%253Aoff%252Cpbs2s_rubicon%253Aoff%252Croxot%253Aoff%252Cto_initial%253A2800%252Cidmod%253Aon%252Cemx%253Aoff%252Csbi%253Aon%252Cdecref%253Aon%26bucket%3Dgdpr%26topics%3DSB%252Cholmm1%252Cholbk1%252CVDAY%26site_code%3D%26marmalade%3Dfalse%26domain%3Dheman.monster%26hi_au%3Danimatedfooter%252Cminiscroller%252Cnativemobilecontent%252Cnativedesktopcontent%252Cnativedesktopsidebar%252Cnativedesktoprecipe%252Cnativemobilerecipe%252Coutstreammobile%26vpwxvph%3D1600x1200%26ri%3D29%26pvk%3D01DPX776REGGFY8JHD2E414G41%26sess%3D01DPX776RE4K89AT0T09JAFBKQ%26branch%3Dgdpr%252369a1e3c%26niet%3D4g%26utm_medium%3D(not%2520set)%26utm_campaign%3D(not%2520set)%26utm_session%3D(not%2520set)%26utm_source%3D(not%2520set)&cookie=ID%3D618b1245a7470117%3AT%3D1570791202%3AS%3DALNI_MbgfoTfmEAgDCkXvB3MNvhdzZIhbA&cookie_enabled=1&cdm=heman.monster&bc=23&abxe=1&lmt=1570791202&dt=1570791202224&dlt=1570791200710&idt=497&frm=20&biw=1585&bih=1200&oid=3&adxs=429&adys=1110&adks=518758770&ucis=9&ifi=9&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.livingrichwithcoupons.com%2F&loc=http%3A%2F%2Fheman.monster%2F&dssz=91&icsg=0&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x5221&msz=1585x-1&psts=CjQIq-HqkhNCBcfejLIBeAHoAf7PvPuCBIICEKCamQiYm5kIsPvHD4DCwyPRAp258vGI_1Le%2CCjQIq-HqkhNCBcfejLIBeAHoAdm2i4KDBIICEKCamQiYm5kI6IPID7jKwyPRAjHFiQytERXU%2CCjQIq-HqkhNCBcfejLIBeAHoAfvPvPuCBIICEKCamQiYm5kI2IXID6jMwyPRAoUFj-vQsGSv&ga_vid=1228925882.1570791202&ga_sid=1570791202&ga_hid=1246555302&fws=512&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
02badb2df1f182fca83821e95f7d1f1b83501e31a217a2a10a5d6e86998472a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4416
x-xss-protection
0
google-lineitem-id
5139771563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138248453531
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://heman.monster
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6296 		0
260 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1570791202220&qqid=COuy85yFlOUCFcWxewodzcQKyw&rt=a4a.link.2.9.3.5.0.0.1i4g.1i1o~aa.script.2.9.2.6.0.0.vko.vie~simg.img.3.6.0.6.0.0.2w.17~vu.img.3.h.1.g.0.0.3l.0&met.a4a=dcl.0~ol.59~nvs.1570791202151~ini.1570791202220
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011909241711100/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80b::2003 , Australia, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
status
204
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/231910071804120/ Frame 3049 		206 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/231910071804120/amp4ads-v0.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a57809a9b7a6c669c9e46fdd422597558ed02b02fa75d0867bebfa4a8c95a781
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"775dd1fdee01f878"
age
73241
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
57904
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 14:32:41 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 14:32:41 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/231910071804120/v0/ Frame 3049 		150 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/231910071804120/v0/amp-analytics-0.1.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aa95eb8757140f09d3424399b939ed3f10a20c45c6c52476c614c9bc375eb667
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"b456e67993554b43"
age
120380
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40847
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 01:27:02 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 01:27:02 GMT
15842465133016810807
tpc.googlesyndication.com/simgad/ Frame 3049 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15842465133016810807
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 03:45:20 GMT
x-content-type-options
nosniff
age
25682
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Wed, 30 May 2018 18:01:52 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Oct 2020 03:45:20 GMT
truncated
/ Frame 3049 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4dbc0e17ae4fcadadbbb2da2867fdaca866c256e061bfc49b497d8d9b0f35a97

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3049 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstszegv263-1mpr4XV9F9lQdKywfMxTTegHDVUi6nHFUA1QXK6TLc2JcjShtWkAbH_wOe5obOt1omyRtOvcT9HsLumOwhv_329e-o7ps86SMVmrPrj2IcKGlVR0B_wFeRmQKrEqHFwvo56FLo0XrGxIT5zQu68TShYKUbjTCdMQN6xu8F_rOarHI-3F0PgE59wRQv0t3vxwBi6Fwl45xc60PVD2feslFshIUTWMvSBBMLVM94CuUhZ5Hjo1CsQ6VaHVTdDUcgkBWulMHhnyyNyZ4slZiahZ1O-5FQ0vAZrlkYBm1sIHZarIRORzjrLyzLw0Pw&sig=Cg0ArKJSzEIiBTLdBM3iEAE&adurl=
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Oct 2019 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
amp4ads-v0.js
cdn.ampproject.org/rtv/231910071804120/ Frame 6B5C 		206 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/231910071804120/amp4ads-v0.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a57809a9b7a6c669c9e46fdd422597558ed02b02fa75d0867bebfa4a8c95a781
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"775dd1fdee01f878"
age
73241
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
57904
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 14:32:41 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 14:32:41 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/231910071804120/v0/ Frame 6B5C 		150 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/231910071804120/v0/amp-analytics-0.1.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aa95eb8757140f09d3424399b939ed3f10a20c45c6c52476c614c9bc375eb667
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
etag
"b456e67993554b43"
age
120380
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40847
x-xss-protection
0
server
sffe
date
Thu, 10 Oct 2019 01:27:02 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 09 Oct 2020 01:27:02 GMT
15842465133016810807
tpc.googlesyndication.com/simgad/ Frame 6B5C 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15842465133016810807
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 03:45:20 GMT
x-content-type-options
nosniff
age
25682
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Wed, 30 May 2018 18:01:52 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Oct 2020 03:45:20 GMT
truncated
/ Frame 6B5C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f46b25b89dce490111cc10bd307c9e8289431e7ca4a73db01e2fffd9425d5de

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6B5C 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNUqrhAj_L3Z1CLA3KhZ73mDLTVB4dROXvkfqQ53KVNrdt_4KHdeReBseO4rfi1liJmCe0Sk3HTrPBqylNoPXbgGVNqHTqm1CzFLP-0bQRnRKX2rKklLmLBA_pstghxO52cRGZ508TM-M2Y7DXP_JbTIcxqQT295f9v_VIFTmH1o8Z7nI194gKiTJ7Gimqsupc3LWBwHOiKsRr_xTmfw-m22Xy6j2Vikou9e9LaNnCdg2zZeT4HLuGgwX9B2rs56q0_b8Mohhk8P8hTub03R-Qp6oXhp54RucB3pomKYLp3Ezr8tTZaaa0hxnenvQfMGA5&sig=Cg0ArKJSzPP_R_q3xwZhEAE&adurl=
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Oct 2019 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
p
p.po.st/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.po.st/p?t=view&pub=qdeqnbnds79lcc7bd2f6&pu=https%3A%2F%2Fwww.livingrichwithcoupons.com%2F&pt=Printable%20Coupons%20-%20Grocery%20Coupons%20-%20Coupon%20Website%20-%20CouponsLiving%20Rich%20With%20Coupons%C2%AE&ru=&vw=3&v=4.55.0-rel-49&vGUID=9990-4035-0efc-bab8-7f5d-9072-6b8d-3989&gc=%7B%22tab%22%3A%22u%22%2C%22cp%22%3Afalse%2C%22sq%22%3A%22u%22%2C%22lc%22%3A%22en-us%22%2C%22gat%22%3A%22u%22%2C%22gas%22%3A%22u%22%2C%22mo%22%3A%22u%22%2C%22r%22%3A%22true%22%2C%22c%22%3A%22u%22%2C%22t%22%3Afalse%2C%22i%22%3A%22u%22%2C%22cp_m%22%3A%22u%22%2C%22cp_is%22%3A%22u%22%2C%22cp_u%22%3A%22u%22%2C%22cp_t%22%3A%22u%22%2C%22sq_b%22%3A%22u%22%2C%22sq_e%22%3A%22u%22%2C%22sq_t%22%3A%22copy%22%2C%22ons%22%3A%22u%22%2C%22onl%22%3A%22u%22%7D&random=1570791201931
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.217.253.70 , United States, ASN10913 (INTERNAP-BLK - Internap Corporation, US),
Reverse DNS
Software
cayman/1.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Cache-control
private, no-cache, proxy-revalidate
Server
cayman/1.0
Connection
close
Content-type
image/gif
Content-Length
43
Expires
Tue, 29 Oct 2002 19:50:44 GMT
15842465133016810807
tpc.googlesyndication.com/simgad/ Frame 3049 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15842465133016810807
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/231910071804120/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 03:45:20 GMT
x-content-type-options
nosniff
age
25682
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Wed, 30 May 2018 18:01:52 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Oct 2020 03:45:20 GMT
/
www.facebook.com/tr/ Frame 6858 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
4438
pragma
no-cache
cache-control
no-cache
origin
http://heman.monster
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
Origin
http://heman.monster
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

status
200
content-type
text/plain
access-control-allow-origin
http://heman.monster
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Fri, 11 Oct 2019 10:53:22 GMT
15842465133016810807
tpc.googlesyndication.com/simgad/ Frame 6B5C 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15842465133016810807
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/231910071804120/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 03:45:20 GMT
x-content-type-options
nosniff
age
25682
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Wed, 30 May 2018 18:01:52 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Oct 2020 03:45:20 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1242689778003560&correlator=1108650077901249&output=ldjh&impl=fifs&adsid=NT&eid=21064169%2C21064520&vrg=2019100701&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20191011&iu_parts=18190176%2CAdThrive_Content_2%2C58fa6be2fda2bb5a837bdfd2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C300x250%7C320x50%7C336x280%7C300x50%7C320x100%7C468x60%7C250x250%7C120x240%7C1x1%7C300x300%7C552x334%7C728x250&fluid=height&fsbs=1&prev_scp=location%3DContent%26sequence%3D2%26id%3DAdThrive_Content_2_desktop%26xfloor%3D0.3%26refresh%3D00%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D209e38a7f6e8b55b%26hb_bidder%3Drubicon&eri=5&cust_params=siteId%3D58fa6be2fda2bb5a837bdfd2%26siteName%3DLiving%2520Rich%2520With%2520Coupons%26verticals%3DPersonal%2520Finance%26deal%3D%26abgroup%3Dhbho%253Aixlibrary%252Cdynflr%253Abuyrules%252Cloglevel%253Aoff%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_districtm%253Aoff%252Cpbs2s_sovrn%253Aoff%252Cpbs2s_openx%253Aoff%252Cpbs2s_pubmatic%253Aoff%252Cpbs2s_rubicon%253Aoff%252Croxot%253Aoff%252Cto_initial%253A2800%252Cidmod%253Aon%252Cemx%253Aoff%252Csbi%253Aon%252Cdecref%253Aon%26bucket%3Dgdpr%26topics%3DSB%252Cholmm1%252Cholbk1%252CVDAY%26site_code%3D%26marmalade%3Dfalse%26domain%3Dheman.monster%26hi_au%3Danimatedfooter%252Cminiscroller%252Cnativemobilecontent%252Cnativedesktopcontent%252Cnativedesktopsidebar%252Cnativedesktoprecipe%252Cnativemobilerecipe%252Coutstreammobile%26vpwxvph%3D1600x1200%26ri%3D29%26pvk%3D01DPX776REGGFY8JHD2E414G41%26sess%3D01DPX776RE4K89AT0T09JAFBKQ%26branch%3Dgdpr%252369a1e3c%26niet%3D4g%26utm_medium%3D(not%2520set)%26utm_campaign%3D(not%2520set)%26utm_session%3D(not%2520set)%26utm_source%3D(not%2520set)&cookie=ID%3D618b1245a7470117%3AT%3D1570791202%3AS%3DALNI_MbgfoTfmEAgDCkXvB3MNvhdzZIhbA&cookie_enabled=1&cdm=heman.monster&bc=23&abxe=1&lmt=1570791202&dt=1570791202751&dlt=1570791200710&idt=497&frm=20&biw=1585&bih=1200&oid=3&adxs=198&adys=2384&adks=2014785358&ucis=b&ifi=11&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.livingrichwithcoupons.com%2F&loc=http%3A%2F%2Fheman.monster%2F&dssz=90&icsg=0&std=0&vis=1&scr_x=0&scr_y=0&psz=789x353&msz=784x100&psts=CjQIq-HqkhNCBcfejLIBeAHoAf7PvPuCBIICEKCamQiYm5kIsPvHD4DCwyPRAp258vGI_1Le%2CCjQIq-HqkhNCBcfejLIBeAHoAdm2i4KDBIICEKCamQiYm5kI6IPID7jKwyPRAjHFiQytERXU%2CCjQIq-HqkhNCBcfejLIBeAHoAfvPvPuCBIICEKCamQiYm5kI2IXID6jMwyPRAoUFj-vQsGSv%2CCjQIq-HqkhNCBcfejLIBeAHoAZj7_4GDBIICEKCamQiYm5kImI3ID-jTwyPRAp8unO-a2ezL%2CCjQIq-HqkhNCBcfejLIBeAHoAZv7_4GDBIICEKCamQiYm5kI6JLID7jZwyPRAu1tExfNF4Ei&ga_vid=1228925882.1570791202&ga_sid=1570791202&ga_hid=1246555302&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
16177059f7e89507d5f62d3b59610579e3000cabacf7937da9d7e0a68e96fab7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2986
x-xss-protection
0
google-lineitem-id
4804222502
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138250648746
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://heman.monster
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
clarium.global.ssl.fastly.net/ Frame C148 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clarium.global.ssl.fastly.net/?wrapper=mOinGM9MTu5v-Lto835XLhlrSPY&tpid=bU9pbkdNOU1UdTV2LUx0bzgzNVhMaGxyU1BZL3J1Ymljb246MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6ImJVOXBia2ROT1UxVWRUVjJMVXgwYnpnek5WaE1hR3h5VTFCWkwzSjFZbWxqYjI0Nk16QXdlREkxTUE9PSIsIndkIjp7ImsuaGJfYmlkZGVyIjoicnViaWNvbiIsImsuaGJfc2l6ZSI6IjMwMHgyNTAifSwid3IiOjd9
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
6504c3522c7852e14a68d8b079444f5b822ff2f6d8d97eec1a85e53f9a981a6c

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 11 Oct 2019 10:53:22 GMT
Content-Encoding
gzip
Age
228
X-Cache-Status
hit
X-Cache
HIT
Connection
keep-alive
Content-Length
12096
X-Served-By
cache-fra19145-FRA
Access-Control-Allow-Origin
*
Server
nginx
X-Timer
S1570791203.900437,VS0,VE0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
2
osd.js
www.googletagservices.com/activeview/js/current/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
feabd2d3082a3072973a74ea19203eb66256913be1fe21e6dc1f04cf5a1eb09b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1570619817437427"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29044
x-xss-protection
0
expires
Fri, 11 Oct 2019 10:53:22 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C148 		0
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKfbjQI8KG4N4ZEMPLPDpSMgyJtlaLH9Eqjf8LVgioPKi6t-aqzLBcTY5C61WGY9eouQw6dZS-GYVerUqPrumtYZCuleoK_2n0U1zJNHJRnYpol7T33XuRnTo0bkqm54fBZNYsCrQ3eDoBulGoF3L2x-UMkhSrG9aWFqkpE2Zh-kbHgA3uku49R7A4_jAmda3m9exzVCD7qDUTk0rB3rS4hwNFSYMWQdzVr7qavcmIddclYAgxwPtgIwip8Ww52Onweg4yT3CV347_nGUKw5-Rmd9hhH1-CBHv7HdJCbwyEPIZAvj4-r3tmST32UWLqtrvfWBG&sig=Cg0ArKJSzI2Ef_1HgSWpEAE&urlfix=1&adurl=
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Oct 2019 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
track.adform.net/adfscript/ Frame C148 		20 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=29481383;rtbwp=CA3B951381205A8C;rtbdata=2ngP8ytL3znOM2GZ5jVM_znoKaIuw1exJcJj5ruv8hDBP55242LRnret06oUPBB-NGU5rb_f4rJhrG_0qTCpJYI0Zsx5Lz-r1kj7SljpEd4V7ovomp_JdE2G5mJrst7uSy32EedribvFEoKX42N4jYSFaoTN1rR3frgUyQ0jsia6F1lgn6MHH24iq7-UQxbt_tsijXL5P4WEH7Fd2FEz188hp7c1IKTvTfxrDNkZXr1vrkSsFV1cHO8F5ksbg-JL0;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/9b1f32a3-4160-4d7d-bfb7-21b38d42a705/
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=mOinGM9MTu5v-Lto835XLhlrSPY&tpid=bU9pbkdNOU1UdTV2LUx0bzgzNVhMaGxyU1BZL3J1Ymljb246MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6ImJVOXBia2ROT1UxVWRUVjJMVXgwYnpnek5WaE1hR3h5VTFCWkwzSjFZbWxqYjI0Nk16QXdlREkxTUE9PSIsIndkIjp7ImsuaGJfYmlkZGVyIjoicnViaWNvbiIsImsuaGJfc2l6ZSI6IjMwMHgyNTAifSwid3IiOjd9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4e75f9e56f4504bebb463f9b320cad8aae6e22be43c76136861093fc13ecb8f5

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
9901
expires
-1
moatad.js
z.moatads.com/rubiconproject883925/ Frame C148 		286 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/rubiconproject883925/moatad.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=mOinGM9MTu5v-Lto835XLhlrSPY&tpid=bU9pbkdNOU1UdTV2LUx0bzgzNVhMaGxyU1BZL3J1Ymljb246MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6ImJVOXBia2ROT1UxVWRUVjJMVXgwYnpnek5WaE1hR3h5VTFCWkwzSjFZbWxqYjI0Nk16QXdlREkxTUE9PSIsIndkIjp7ImsuaGJfYmlkZGVyIjoicnViaWNvbiIsImsuaGJfc2l6ZSI6IjMwMHgyNTAifSwid3IiOjd9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
893ff22268e723441c5324f488c25de6dcb1833c153b0cdca1e252886e72eebb

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 11 Oct 2019 10:53:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Oct 2019 15:34:36 GMT
Server
AmazonS3
x-amz-request-id
3C816A50C9439844
ETag
"52b25d4d6b954b6015176386c83a53aa"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=40304
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97170
x-amz-id-2
ZABepK3XAnwrC7mDVs1Y25p8UC5WqAwXQp9KIIJ0d+DYe+FcMywFWGIR97AMBT1T7L9yLnMutzQ=
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame C148 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=mOinGM9MTu5v-Lto835XLhlrSPY&tpid=bU9pbkdNOU1UdTV2LUx0bzgzNVhMaGxyU1BZL3J1Ymljb246MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6ImJVOXBia2ROT1UxVWRUVjJMVXgwYnpnek5WaE1hR3h5VTFCWkwzSjFZbWxqYjI0Nk16QXdlREkxTUE9PSIsIndkIjp7ImsuaGJfYmlkZGVyIjoicnViaWNvbiIsImsuaGJfc2l6ZSI6IjMwMHgyNTAifSwid3IiOjd9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ded1f2a0b252bb9d3a8a84ff33f6231ac9d3536cfa19bd27c09672afd61cb65d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1570619817437427"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29553
x-xss-protection
0
expires
Fri, 11 Oct 2019 10:53:22 GMT
9b1f32a3-4160-4d7d-bfb7-21b38d42a705
beacon-eu2.rubiconproject.com/beacon/d/ Frame C148 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-eu2.rubiconproject.com/beacon/d/9b1f32a3-4160-4d7d-bfb7-21b38d42a705?oo=0&accountId=9262&siteId=180726&zoneId=881400&sizeId=15&e=6A1E40E384DA563B5F25333FB08D94244FE3DBDBB33BF2C172EBB76AE6C887FF10E70AE5EAADC30D0C6C5BB84A571E42E4A9AFA6E089EF842D6898F3C2D5E8A33B9F8F409210572C88CF3D6E1B1D9D7E63411436173527046D63F901FE1D39135F81DA300484CED6EFF5C7CFD889081AECD757E75C1AD82215670F5ECC46F8A02ADE1F09E3A51EBD5305327A4F28E7AD21F3746B0B42ADFE14E1CF13EF6C13C146EA74088D8FA0C35117B5173AE24393FECB0588433E4BEC826FA47CA063CC8E673F48487E5E6C5ECDA10306204D320B
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:22 GMT
Cache-Control
private, max-age=0, no-cache
Server
Rubicon Project
Content-Type
image/webp
Content-Length
43
Expires
01 Jan 1970 10:00:00 GMT
bootstrap.js
s1.adform.net/stoat/619/s1.adform.net/ Frame C148 		31 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/619/s1.adform.net/bootstrap.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=mOinGM9MTu5v-Lto835XLhlrSPY&tpid=bU9pbkdNOU1UdTV2LUx0bzgzNVhMaGxyU1BZL3J1Ymljb246MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6ImJVOXBia2ROT1UxVWRUVjJMVXgwYnpnek5WaE1hR3h5VTFCWkwzSjFZbWxqYjI0Nk16QXdlREkxTUE9PSIsIndkIjp7ImsuaGJfYmlkZGVyIjoicnViaWNvbiIsImsuaGJfc2l6ZSI6IjMwMHgyNTAifSwid3IiOjd9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1ef3b2018460f499847215358ad588852cdf72c969234ab0e2674eb9c5890737

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:23 GMT
content-encoding
gzip
last-modified
Tue, 01 Oct 2019 08:04:35 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 12 Oct 2019 13:43:21 GMT
/
track.adform.net/wpf/v2/Vla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... Frame C148 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/wpf/v2/Vla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBDzafAjnpHLNDCrpwoNSUC56MnGWpwoNN5uQ32SCVddNOTlKFevSdQ_i.uJtHoqvynx9MsFyxYM914Ve_clr91y.25.ea1kb49RcWqrTKIwmMu_TxYMJ5tFFg4K1kl1BNlY6RjJNlY52DLrV9BNorW6Tv4pA4.L9.gJ0Nc1lF4XVA4.9gJ.c4elF1eLf4.pwoRbA4.pwoRbA4.HhL9.J1pNc0Qpw.4zk/adfserve/?CC=1&bn=29481383;rtbwp=CA3B951381205A8C;rtbdata=2ngP8ytL3znOM2GZ5jVM_znoKaIuw1exJcJj5ruv8hDBP55242LRnret06oUPBB-NGU5rb_f4rJhrG_0qTCpJYI0Zsx5Lz-r1kj7SljpEd4V7ovomp_JdE2G5mJrst7uSy32EedribvFEoKX42N4jYSFaoTN1rR3frgUyQ0jsia6F1lgn6MHH24iq7-UQxbt_tsijXL5P4WEH7Fd2FEz188hp7c1IKTvTfxrDNkZXr1vrkSsFV1cHO8F5ksbg-JL0;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f9b1f32a3-4160-4d7d-bfb7-21b38d42a705%2f;js=1;adfxid=1x;1667;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=2|2&CREFURL=http%3A%2F%2Fheman.monster%2F
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=mOinGM9MTu5v-Lto835XLhlrSPY&tpid=bU9pbkdNOU1UdTV2LUx0bzgzNVhMaGxyU1BZL3J1Ymljb246MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6ImJVOXBia2ROT1UxVWRUVjJMVXgwYnpnek5WaE1hR3h5VTFCWkwzSjFZbWxqYjI0Nk16QXdlREkxTUE9PSIsIndkIjp7ImsuaGJfYmlkZGVyIjoicnViaWNvbiIsImsuaGJfc2l6ZSI6IjMwMHgyNTAifSwid3IiOjd9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c11659053985ce173aa03a89a59f2f12d420b5b091495c0d4dde0cd8d861190e

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:23 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
2758
expires
-1
awrapper
ads.businessclick.com/ Frame C148 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.businessclick.com/awrapper?data=8a2e7afe0a63ef91d9af0a0d1b14e06f9d5aba195ab6ff9d20513ef51098d46d&size=300x250&aid=9f5bc1b72e59358c0cd5eb8af7df41af&ccnt=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D29481383%26crtbwp%3DCA3B951381205A8C%26crtbdata%3D2ngP8ytL3znOM2GZ5jVM_znoKaIuw1exJcJj5ruv8hDBP55242LRnret06oUPBB-NGU5rb_f4rJhrG_0qTCpJYI0Zsx5Lz-r1kj7SljpEd4V7ovomp_JdE2G5mJrst7uSy32EedribvFEoKX42N4jYSFaoTN1rR3frgUyQ0jsia6F1lgn6MHH24iq7-UQxbt_tsijXL5P4WEH7Fd2FEz188hp7c1IKTvTfxrDNkZXr1vrkSsFV1cHO8F5ksbg-JL0%26adfibeg%3D0%26cdata%3DWo-c69wNSP5Nkoim8y32RgwRZGuFuL6pEx14g_hcwfpYBRXMc3-0AkKr1ztCzqheMrfXzzOMYt50JtSckXbxDk-3uN9mLGtshwNEKyX1PF6iyHmzkcgZwdYTnnZIbAy6X3L8-4K5SvK00vlKJZnUwZFxHh4_otaWrCm-e2aPWwm423Nr82vqbsWsPl7fkkmzRMML1KHvn3FdYPD55JBvBzJnsdf_OLFqQjoY9JcPI0JAKwVVbEeREcTj-xBkZCCo0%26%26CREFURL%3Dhttp%253a%252f%252fheman.monster%252f%26C%3D1%26cpdir%3D
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ads.businessclick.com
Software
nginx /
Resource Hash
4a2ca740653b8abf682c201a3ee7fa2e8faa2184311716b23442f72f8cc0c001

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:23 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-worker
worker-2
/
track.adform.net/csimpr/ Frame C148 		35 B
421 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=29481383&csi=kcwFPeaH5CkEO6zWT_brFr9TeIWA7OZygjIJKFx1HxRNBB91lsK-cfNB3BGFtbz8RYvW2Twyv0Gs7A9yGzt-n2I2SaJEkJyXbuQ8anSF0XGcD_vjBU7LOQ2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/619/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:23 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://heman.monster
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
stats.aws.rubiconproject.com/stats/rendertimers/9b1f32a3-4160-4d7d-bfb7-21b38d42a705/viewable/881400/15/ Frame C148 		49 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.aws.rubiconproject.com/stats/rendertimers/9b1f32a3-4160-4d7d-bfb7-21b38d42a705/viewable/881400/15/
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.40.106 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-40-106.compute-1.amazonaws.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 11 Oct 2019 10:53:23 GMT
Server
Apache/2.4.6 (CentOS)
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
no-cache, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
49
Expires
Mon, 01 Jun 2009 01:06:09 GMT, Thu, 1 Jan 2015 00:00:00 GMT
s.js
mb.moatads.com/ 		145 B
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/s.js?url=http%3A%2F%2Fheman.monster%2F&confidence=2&pcode=rubiconproject883925&callback=MoatBSJsonpRequest_80639159
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/rubiconproject883925/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.107.49 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-176-107-49.eu-west-2.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
4edc83ebfac780b6ad18548327dff57f5a44a033320d21ac93031cfdacf9ffa3

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:23 GMT
server
TornadoServer/4.5.3
etag
"19b8f3c17d629e677ffc9181863e0e74207e4b6c"
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=900
timing-allow-origin
*
content-length
145
n.js
geo.moatads.com/ Frame C148 		106 B
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBBBB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkBBBBBBB6BsNBmB0Biw7pCr6yCBrO24xXmYyBBBBC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnBBW35CeBBBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyBBBBBBBBBBBBBBBBBTLF6GfC6Jn7OBBYkCBB0IofsfBBPCxB7UBBBtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=RUBICON1&hp=1&wf=1&cm=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1570791203123&de=327483395166&m=0&ar=e2b442bdf4f-clean&iw=4e250f1&q=2&cb=0&ym=0&cu=1570791203123&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=15%3A%3Aundefined%3Aundefined&zMoatZoneId=881400&zMoatAppId=-&qs=1&zGSRC=1&gu=http%3A%2F%2Fheman.monster%2F&id=1&bo=undefined&bd=undefined&gw=rubiconproject883925&fd=1&ac=1&it=500&ti=0&ih=1&fs=171901&na=919087664&cs=0&callback=MoatSuperV26.gna868959
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/rubiconproject883925/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.83.173 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-10-83-173.eu-west-2.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
19405ddcb50ea507bbb0c9cd13be22125b87d52c5254bb3af9b611a8710f45cb

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:23 GMT
server
TornadoServer/4.5.3
etag
"8725d0c6821f1c508086b6da97a710966c51a9df"
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=900
timing-allow-origin
*
content-length
106
pixel.gif
px.moatads.com/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=RUBICON1&hp=1&wf=1&cm=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1570791203123&de=327483395166&m=0&ar=e2b442bdf4f-clean&iw=4e250f1&q=3&cb=0&ym=0&cu=1570791203123&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=15%3A%3Aundefined%3Aundefined&zMoatZoneId=881400&zMoatAppId=-&qs=1&zGSRC=1&gu=http%3A%2F%2Fheman.monster%2F&id=1&bo=undefined&bd=undefined&gw=rubiconproject883925&fd=1&ac=1&it=500&ti=0&ih=1&fs=171901&na=1380216803&cs=0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
Apache
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Fri, 11 Oct 2019 10:53:23 GMT
usync.html
eus.rubiconproject.com/ Frame 9972 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
ses2=; vis2=180726^2; audit=1|hLZGFuTafB20+D9ZfSo32O99qzxPzGzoRewphPerumdRJJZkuLq28wOFdrHBcbuL092vHQ0d9PR3vTYVOMbzoNzpQ7vzkXQ/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Wed, 09 Oct 2019 22:56:27 GMT
Content-Encoding
gzip
Content-Length
7651
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=58371
Expires
Sat, 12 Oct 2019 03:06:14 GMT
Date
Fri, 11 Oct 2019 10:53:23 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ Frame C148 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8af6dec0b3007ddd916b16fe6f42d4b9404686dc6269f3ae8fae82bd151456d

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
ThirdParty
s1.adform.net/stoat/619/s1.adform.net/load/v/0.0.178/e/.wSBgkG/i/8IC-4gAAAAKAA/r:types/ Frame C148 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/619/s1.adform.net/load/v/0.0.178/e/.wSBgkG/i/8IC-4gAAAAKAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/619/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3b82def7bcca62387492dd8c9cc3274e69712e93aa4e04a08e7eee70220dacdd

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:23 GMT
content-encoding
gzip
last-modified
Tue, 01 Oct 2019 08:04:35 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 12 Oct 2019 14:17:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 755E 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucG4Y-OzsVB-7DbRaGQx7XWbRy-va3k_vZKPexC3b12EmAXyhx8dl4mawXup3id1161VJP5CliiO5zv4PggAzCdl1iFK4WeIb05ifnMe4&sig=Cg0ArKJSzNwT_-xIDJ-sEAE&id=ampim&o=792,233&d=1,1&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=38&tls=1040&g=100&h=100&pt=122&tt=1040&rpt=122&rst=1570791202078&r=v&adk=2070549404&avms=ampa
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6296 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvtyLPG58O9rjPv_tdTnif5whIdLm0gddex0GLRBha34dPK-kiUol6WCSNJ71iB_TdUpJKYU4Dq_-2drjJ6YdwukkAY2O1Z_cpbfUcGfU&sig=Cg0ArKJSzNa6-xyv41U2EAE&id=ampim&o=1192,443&d=1,1&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=37&tls=1037&g=100&h=100&pt=59&tt=1037&rpt=59&rst=1570791202151&r=v&adk=1695451707&avms=ampa
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
createjs-2015.11.26.min.js
code.createjs.com/ Frame 77A2 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/createjs-2015.11.26.min.js
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:39a::1349 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:23 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
status
200
x-n
S
accept-ranges
bytes
expires
Fri, 11 Oct 2019 11:08:23 GMT
css
fonts.googleapis.com/ Frame 77A2 		2 KB
566 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:700&subset=latin
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ae018541d932cf7f893a7a8045b1202cbc41e35097049506041a417d87162da3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 11 Oct 2019 10:53:23 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 11 Oct 2019 10:53:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 11 Oct 2019 10:53:23 GMT
css
fonts.googleapis.com/ Frame 77A2 		2 KB
598 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:regular&subset=latin
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ece19e848836af517d8bb5adab4da164ea70d1bd0d4c2f40d2a52ddd6e9adeda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 11 Oct 2019 10:53:23 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 11 Oct 2019 10:53:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 11 Oct 2019 10:53:23 GMT
ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2
fonts.gstatic.com/s/notoserif/v8/ Frame 77A2 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v8/ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Noto+Serif:regular&subset=latin
Origin
http://heman.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 09:47:42 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:21 GMT
server
sffe
age
3941
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13192
x-xss-protection
0
expires
Sat, 10 Oct 2020 09:47:42 GMT
56c6470672055e5a24dd74a25aa6703d
ads.businessclick.com/xmlfeed/ Frame 77A2 		531 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.businessclick.com/xmlfeed/56c6470672055e5a24dd74a25aa6703d?callback=FUNC
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/createjs-2015.11.26.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ads.businessclick.com
Software
nginx /
Resource Hash
bd96247440bfe4919d5589866b065ccf4cc449c113085a4a26acdda29ffffe80

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:23 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
ga6Law1J5X9T9RW6j9bNdOwzfReece9LOoc.woff2
fonts.gstatic.com/s/notoserif/v8/ Frame 77A2 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v8/ga6Law1J5X9T9RW6j9bNdOwzfReece9LOoc.woff2
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/createjs-2015.11.26.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0877239101cbff856743513b4ea69fbaf9c580c8ae526e0a8d2ef1b770414094
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Noto+Serif:700&subset=latin
Origin
http://heman.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 12:41:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:18 GMT
server
sffe
age
166309
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13660
x-xss-protection
0
expires
Thu, 08 Oct 2020 12:41:34 GMT
e30.XaBfIw.FML3TOj7MYNjNKBPSswHN6b2OzU
ads.businessclick.com/match/ Frame C148
Redirect Chain
  • https://ads.businessclick.com/match/
  • https://bc.wp.pl/match/eyJiY3RyYWNlIjoiVWNpT3E0UDdZMTRKOXM4ODIyZzE2eElaMDMxZDJwWDkifQ.XaBfIw.kmuiqqMihHCaTzvGA43Wsfq07-A
  • https://ads.businessclick.com/match/e30.XaBfIw.FML3TOj7MYNjNKBPSswHN6b2OzU
0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.businessclick.com/match/e30.XaBfIw.FML3TOj7MYNjNKBPSswHN6b2OzU
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ads.businessclick.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:23 GMT
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
server
nginx
access-control-allow-origin
*
expires
Sun, 17 Dec 1989 07:30:00 GMT

Redirect headers

date
Fri, 11 Oct 2019 10:53:23 GMT
server
nginx
status
302
location
https://ads.businessclick.com/match/e30.XaBfIw.FML3TOj7MYNjNKBPSswHN6b2OzU
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
0
4256092800
ads.businessclick.com/cookie/ Frame C148
Redirect Chain
  • https://ads.businessclick.com/cookie?s=mobime&f=1
  • https://beta.pocketads.pl/pAdsTest/partners/?s=1&f=1&p=0&tid=UciOq4P7Y14J9s8822g16xIZ031d2pX9
  • https://ads.businessclick.com/cookie/4256092800?s=mobime
0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.businessclick.com/cookie/4256092800?s=mobime
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ads.businessclick.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:23 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-origin
*

Redirect headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
Server
web/server/20
Content-Type
text/html;charset=UTF-8
Location
https://ads.businessclick.com/cookie/4256092800?s=mobime
Referer
http://www.mobi-me.pl
Connection
keep-alive
Content-Length
0
Expires
Wed, 31 Dec 1969 23:59:59 GMT
display
ads.businessclick.com/ Frame C148 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.businessclick.com/display?cid=9d5aba195ab6ff9d20513ef51098d46d&aid=9f5bc1b72e59358c0cd5eb8af7df41af&url=&oid=8a2e7afe0a63ef91d9af0a0d1b14e06f&enc=utf-8&webpage=http%3A%2F%2Fheman.monster%2F&et=31&lai=b5e064783b898ccfd76672b27c4fe46e&sbl=0&srv=worker-2&sid=ec16455f2615c3298d8a8bbf1a753622&cpm=MA.cNCTJPwqYV7TXK8oOneMPd7RSQA&rid=ba0d8dca-301a-4486-8e59-a2b0de2b4dd2
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ads.businessclick.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:23 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-origin
*
display
ads.businessclick.com/ Frame C148 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.businessclick.com/display?cid=9d5aba195ab6ff9d20513ef51098d46d&url=&oid=8a2e7afe0a63ef91d9af0a0d1b14e06f&enc=utf-8&webpage=http%3A%2F%2Fheman.monster%2F&et=30&srv=worker-2&sid=ec16455f2615c3298d8a8bbf1a753622&cpm=bnVsbA.Zlb1zBm55WVbi0Vjm5DyGHdsaeQ&rid=ba0d8dca-301a-4486-8e59-a2b0de2b4dd2
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ads.businessclick.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:23 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-origin
*
activeview
pagead2.googlesyndication.com/pcs/ Frame 6B5C 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-lSOXx3DDDYiRA91_1SJH5zp0vcprWJZ26nMxTddFTwMXfVzBa3WVHu2lcet2XPYBjCI01hPay5Ku8Hb7ElE70wQqR9Z8wHay4k1_Dio&sig=Cg0ArKJSzIzpJ4RV8PW0EAE&id=ampim&o=792,1199&d=1,1&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=82&tls=1082&g=100&h=100&pt=30&tt=1082&rpt=30&rst=1570791202396&r=v&adk=518758770&avms=ampa
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
display
ads.businessclick.com/ Frame C148 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.businessclick.com/display?cid=9d5aba195ab6ff9d20513ef51098d46d&url=&oid=8a2e7afe0a63ef91d9af0a0d1b14e06f&enc=utf-8&webpage=http%3A%2F%2Fheman.monster%2F&et=20&srv=worker-2&sid=ec16455f2615c3298d8a8bbf1a753622&cpm=bnVsbA.Zlb1zBm55WVbi0Vjm5DyGHdsaeQ&rid=ba0d8dca-301a-4486-8e59-a2b0de2b4dd2
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ads.businessclick.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:23 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-origin
*
display
ads.businessclick.com/ Frame C148 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.businessclick.com/display?cid=9d5aba195ab6ff9d20513ef51098d46d&aid=9f5bc1b72e59358c0cd5eb8af7df41af&url=&oid=8a2e7afe0a63ef91d9af0a0d1b14e06f&enc=utf-8&webpage=http%3A%2F%2Fheman.monster%2F&et=21&lai=b5e064783b898ccfd76672b27c4fe46e&sbl=0&srv=worker-2&sid=ec16455f2615c3298d8a8bbf1a753622&cpm=MA.cNCTJPwqYV7TXK8oOneMPd7RSQA&rid=ba0d8dca-301a-4486-8e59-a2b0de2b4dd2
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ads.businessclick.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:23 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-origin
*
q8eob4iqsyelng5szsx6p.jpeg
images.thefirstnews.com/284x167/ Frame 77A2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thefirstnews.com/284x167/q8eob4iqsyelng5szsx6p.jpeg
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.111 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-111.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0358159b343e064b665b9df045611815b3601e87812ffe279b753a9be142057a

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:24 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
last-modified
Wed, 09 Oct 2019 11:17:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"a0ccde1ed318177e31d3ed5189979ccd"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
status
200
content-length
12453
x-amz-cf-id
99XV80ASSI5QyV7uIsa_csN3a92J8EeHRtaNW9vn6UAzbsRIZSfikg==
pixel.gif
rubiconproject883925.s.moatpixel.com/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rubiconproject883925.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=141&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=heman.monster&L1id=15&L2id=&L3id=0&L4id=0&S1id=0&S2id=0&ord=1570791203123&r=327483395166&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatZoneId=881400&zMoatAppId=&zMoatImpId=9b1f32a3-4160-4d7d-bfb7-21b38d42a705&zMoatMeasType=webplc&zMoatMMAKai=0&bedc=1&tiv_5=0&tiv_15=0&bedc=1&q=1&BSD=Safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-58-219-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
Apache
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Fri, 11 Oct 2019 10:53:23 GMT
pixel.gif
rubiconproject883925.s.moatpixel.com/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rubiconproject883925.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=141&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=heman.monster&L1id=15&L2id=&L3id=0&L4id=0&S1id=0&S2id=0&ord=1570791203123&r=327483395166&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatZoneId=881400&zMoatAppId=&zMoatImpId=9b1f32a3-4160-4d7d-bfb7-21b38d42a705&zMoatMeasType=webplc&zMoatMMAKai=0&bedc=1&tiv_5=0&tiv_15=0&bedc=1&q=2&BSD=Safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-58-219-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
Apache
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Fri, 11 Oct 2019 10:53:23 GMT
pixel.gif
rubiconproject883925.s.moatpixel.com/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rubiconproject883925.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=141&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=heman.monster&L1id=15&L2id=&L3id=0&L4id=0&S1id=0&S2id=0&ord=1570791203123&r=327483395166&t=bs&os=0&fi2=0&div1=0&ait=0&zMoatZoneId=881400&zMoatAppId=&zMoatImpId=9b1f32a3-4160-4d7d-bfb7-21b38d42a705&zMoatMeasType=webplc&zMoatMMAKai=0&bedc=1&tiv_5=0&tiv_15=0&bedc=1&q=3&BSD=Safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-58-219-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
Apache
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Fri, 11 Oct 2019 10:53:23 GMT
pixel.gif
px.moatads.com/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=http%3A%2F%2Fheman.monster%2FCANVAS&i=RUBICON1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBBBB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkBBBBBBB6BsNBmB0Biw7pCr6yCBrO24xXmYyBBBBC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnBBW35CeBBBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyBBBBBBBBBBBBBBBBBTLF6GfC6Jn7OBBYkCBB0IofsfBBPCxB7UBBBtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=http%3A%2F%2Fheman.monster%2F&id=1&cm=4&f=0&j=&t=1570791203123&de=327483395166&cu=1570791203123&m=557&ar=e2b442bdf4f-clean&iw=4e250f1&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5372&le=1&lf=71&lg=1&lh=13&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&bu=141&cd=0&ah=141&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=15%3A%3Aundefined%3Aundefined&bo=undefined&bd=undefined&gw=rubiconproject883925&zMoatZoneId=881400&zMoatAppId=-&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=171901&na=1872973929&cs=0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
Apache
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Fri, 11 Oct 2019 10:53:23 GMT
shown
dot.wp.pl/r1570791203/ Frame 77A2
Redirect Chain
  • https://dot.wp.pl/r2738788/show.gif?srv=tfn_ad&par=action%3Dload%26category%3Dview%26label%3Dhttps%3A//www.thefirstnews.com/article/die-welt-thanks-to-law-and-justice-poles-benefit-from-prosperity-...
  • https://dot.wp.pl/r1570791203/shown?srv=tfn_ad&par=action%3Dload%26category%3Dview%26label%3Dhttps%3A//www.thefirstnews.com/article/die-welt-thanks-to-law-and-justice-poles-benefit-from-prosperity-...
0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dot.wp.pl/r1570791203/shown?srv=tfn_ad&par=action%3Dload%26category%3Dview%26label%3Dhttps%3A//www.thefirstnews.com/article/die-welt-thanks-to-law-and-justice-poles-benefit-from-prosperity-8012%26target%3DNews%20%26%20Politics%26format%3D300x250%26version%3Db%26value%3Dnull
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.77.100.82 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
dot.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:23 GMT
accept-ch
Device-Memory, DPR, Width, Viewport-Width, RTT, Downlink, ECT
x-server-details
BuVJRW1JB91iRWVJBufcRTfEDs2iRF62BTlaDTX6oEVsBFV6O1nTn9KvjWr1duOzRTZcDuN2BgJ707YCp91sDkUlGzOCS4BvBkUE0gZCS4Dz09UiGV==
status
204
access-control-allow-methods
GET
p3p
CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL OUR SAM IND"
access-control-allow-origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ch-lifetime
604800
server
nginx
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 11 Oct 2019 10:53:23 GMT
access-control-allow-origin
x-server-details
BuVJRW1JB91iRWVJBufcDufsB92aBEXsBEVEDu06oEVsBFV6O1nTn9KvjWr1du6iRFOcBEXcRyJ707YCp91Ud7Imp9UlZs1sdgDspkUlZzpidgKr
p3p
CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL OUR SAM IND"
status
301
content-length
304
pragma
no-cache
server
nginx
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
location
/r1570791203/shown?srv=tfn_ad&par=action%3Dload%26category%3Dview%26label%3Dhttps%3A//www.thefirstnews.com/article/die-welt-thanks-to-law-and-justice-poles-benefit-from-prosperity-8012%26target%3DNews%20%26%20Politics%26format%3D300x250%26version%3Db%26value%3Dnull
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
Device-Memory, DPR, Width, Viewport-Width, RTT, Downlink, ECT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.gif
rubiconproject883925.s.moatpixel.com/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rubiconproject883925.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=201&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=heman.monster&L1id=15&L2id=&L3id=0&L4id=0&S1id=0&S2id=0&ord=1570791203123&r=327483395166&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatZoneId=881400&zMoatAppId=&zMoatImpId=9b1f32a3-4160-4d7d-bfb7-21b38d42a705&zMoatMeasType=webplc&zMoatMMAKai=0&bedc=1&tiv_5=0&tiv_15=0&bedc=1&q=4&BSD=Safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.58.219.40 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-58-219-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:23 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
Apache
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Fri, 11 Oct 2019 10:53:23 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8e1d670a9b0de4b0e0848acabed1cc085b84c44a266e47298e3027fcebb55d5d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:24 GMT
content-encoding
gzip
last-modified
Thu, 10 Oct 2019 07:51:08 GMT
server
nginx
etag
W/"5d9ee2ec-a74a"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sat, 12 Oct 2019 10:53:24 GMT
count-data.js
livingrichwithcoupons.disqus.com/ 		1 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://livingrichwithcoupons.disqus.com/count-data.js?1=1130947%20https%3A%2F%2Fwww.livingrichwithcoupons.com%2F%3Fp%3D1130947&1=1131237%20https%3A%2F%2Fwww.livingrichwithcoupons.com%2F%3Fp%3D1131237&1=1131240%20https%3A%2F%2Fwww.livingrichwithcoupons.com%2F%3Fp%3D1131240&1=1131471%20https%3A%2F%2Fwww.livingrichwithcoupons.com%2F%3Fp%3D1131471&1=1131481%20https%3A%2F%2Fwww.livingrichwithcoupons.com%2F%3Fp%3D1131481&1=1131492%20https%3A%2F%2Fwww.livingrichwithcoupons.com%2F%3Fp%3D1131492&1=1131516%20https%3A%2F%2Fwww.livingrichwithcoupons.com%2F%3Fp%3D1131516&1=1131521%20https%3A%2F%2Fwww.livingrichwithcoupons.com%2F%3Fp%3D1131521&1=1131624%20https%3A%2F%2Fwww.livingrichwithcoupons.com%2F%3Fp%3D1131624&1=1131648%20https%3A%2F%2Fwww.livingrichwithcoupons.com%2F%3Fp%3D1131648
Requested by
Host: livingrichwithcoupons.disqus.com
URL: https://livingrichwithcoupons.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
b2df486de68077fc31340ba34ba4758c9bcad58c6f54e9c5ec82a1a13b9dfa46
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 11 Oct 2019 10:53:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Age
104
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
321
X-XSS-Protection
1; mode=block
count-data.js
livingrichwithcoupons.disqus.com/ 		346 B
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://livingrichwithcoupons.disqus.com/count-data.js?1=1131712%20https%3A%2F%2Fwww.livingrichwithcoupons.com%2F%3Fp%3D1131712
Requested by
Host: livingrichwithcoupons.disqus.com
URL: https://livingrichwithcoupons.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
26a2271edd977b180a0efc7e988db85d5256ba4a8c5e591847e8a307c8eb9fe1
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 11 Oct 2019 10:53:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Age
1908
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
245
X-XSS-Protection
1; mode=block
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 9648 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3842787174098887604; icu=ChgI0vUtEAoYASABKAEwo76B7QU4AUABSAEKGAjUxUgQChgDIAMoAzCkvoHtBTgDQANIAxCkvoHtBRgD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 11 Oct 2019 10:53:27 GMT
Age
5706693
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19140-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1205195
X-Timer
S1570791207.432161,VS0,VE0
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame AB5E
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
i=43bf481c-7a28-080c-3854-9bd0461d411b|1570791207
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

status
200
vary
Accept
set-cookie
i=43bf481c-7a28-080c-3854-9bd0461d411b|1570791207; Version=1; Expires=Sat, 10-Oct-2020 10:53:27 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1570791207|mOgikimWiygu; Version=1; Expires=Sat, 26-Oct-2019 10:53:27 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html
content-length
592
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=43bf481c-7a28-080c-3854-9bd0461d411b|1570791207; Version=1; Expires=Sat, 10-Oct-2020 10:53:27 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
date
Fri, 11 Oct 2019 10:53:27 GMT
content-length
0
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 6E77 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3842787174098887604; icu=ChgI0vUtEAoYASABKAEwo76B7QU4AUABSAEKGAjUxUgQChgDIAMoAzCkvoHtBTgDQANIAxCkvoHtBRgD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 11 Oct 2019 10:53:27 GMT
Age
5706692
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19180-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1552585
X-Timer
S1570791207.432838,VS0,VE0
Vary
Accept-Encoding
redirect
sync.teads.tv/iframe/ Frame C3E2
Redirect Chain
  • https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
  • https://sync.teads.tv/iframe/redirect?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe/redirect?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.5 /
Resource Hash

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/iframe/redirect?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
tt_viewer=69d07fd2-3477-422b-bcd7-264626f1ff66
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

status
200
content-type
text/html; charset=UTF-8
server
akka-http/10.1.5
content-length
1844
expires
Fri, 11 Oct 2019 10:53:27 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 11 Oct 2019 10:53:27 GMT
set-cookie
tt_exelate=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_bluekai=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_emetriq=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_liveramp=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_neustar=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_salesforce=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_dar=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_skp=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None

Redirect headers

status
302
content-type
text/html; charset=UTF-8
location
/iframe/redirect?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
server
akka-http/10.1.5
content-length
158
expires
Fri, 11 Oct 2019 10:53:27 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 11 Oct 2019 10:53:27 GMT
set-cookie
tt_viewer=69d07fd2-3477-422b-bcd7-264626f1ff66; Expires=Fri, 09 Oct 2020 10:53:27 GMT; Max-Age=31449600; Domain=.teads.tv; Path=/; SameSite=None
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 57CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

Last-Modified
Fri, 26 Jul 2019 09:39:45 GMT
ETag
"13006b6-9bf6-58e925294ef26"
Server
Apache/2.2.15 (CentOS)
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14898
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=67488
Expires
Sat, 12 Oct 2019 05:38:15 GMT
Date
Fri, 11 Oct 2019 10:53:27 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set uc.html
sync.go.sonobi.com/ Frame 4A2B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=3f0e51cba3
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

Date
Fri, 11 Oct 2019 10:53:27 GMT
Content-Type
text/html
Content-Length
826
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Set-Cookie
__uqc=1; expires=Fri, 11 Oct 2019 12:53:26 GMT; domain=.go.sonobi.com; secure; SameSite=None __uis=dbfd27fe-6b1b-4361-a541-c9e9327e5fb5; expires=Sun, 10 Nov 2019 10:53:26 GMT; domain=.go.sonobi.com; secure; SameSite=None HAPLB5S=s579|XaBfK; path=/; domain=.go.sonobi.com
Server
sonobi-go
sync
eb2.3lift.com/ Frame 080E
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.118.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-57-118-141.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
tluid=11327291596622445109
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

status
200
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html; charset=utf-8
content-length
516
set-cookie
sync=CgoI4gEQvOTO09stCgoI5gEQvOTO09stCgkICRC85M7T2y0KCgipARC85M7T2y0KCQg5ELzkztPbLQoJCDoQvOTO09stCgkICxC85M7T2y0KCgjOARC85M7T2y0KCgiOARC85M7T2y0KCQgfELzkztPbLQ==; Max-Age=7776000; Expires=Thu, 9 Jan 2020 10:53:27 GMT; Path=/sync; Domain=.3lift.com tluid=11327291596622445109; Max-Age=7776000; Expires=Thu, 9 Jan 2020 10:53:27 GMT; Path=/; Domain=.3lift.com
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

status
302
date
Fri, 11 Oct 2019 10:53:27 GMT
content-length
0
set-cookie
tluid=11327291596622445109; Max-Age=7776000; Expires=Thu, 9 Jan 2020 10:53:27 GMT; Path=/; Domain=.3lift.com
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 7386 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3842787174098887604; icu=ChgI0vUtEAoYASABKAEwo76B7QU4AUABSAEKGAjUxUgQChgDIAMoAzCkvoHtBTgDQANIAxCkvoHtBRgD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 11 Oct 2019 10:53:27 GMT
Age
5706693
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19140-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1205196
X-Timer
S1570791207.439756,VS0,VE0
Vary
Accept-Encoding
redirect
sync.teads.tv/iframe/ Frame CCBD
Redirect Chain
  • https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
  • https://sync.teads.tv/iframe/redirect?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe/redirect?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.5 /
Resource Hash

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/iframe/redirect?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
tt_viewer=53346870-9aeb-4d79-8051-9a1e9cd6cc84
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

status
200
content-type
text/html; charset=UTF-8
server
akka-http/10.1.5
content-length
1844
expires
Fri, 11 Oct 2019 10:53:27 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 11 Oct 2019 10:53:27 GMT
set-cookie
tt_exelate=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_bluekai=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_emetriq=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_liveramp=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_neustar=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_salesforce=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_dar=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_skp=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None

Redirect headers

status
302
content-type
text/html; charset=UTF-8
location
/iframe/redirect?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
server
akka-http/10.1.5
content-length
158
expires
Fri, 11 Oct 2019 10:53:27 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 11 Oct 2019 10:53:27 GMT
set-cookie
tt_viewer=53346870-9aeb-4d79-8051-9a1e9cd6cc84; Expires=Fri, 09 Oct 2020 10:53:27 GMT; Max-Age=31449600; Domain=.teads.tv; Path=/; SameSite=None
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 9522 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3842787174098887604; icu=ChgI0vUtEAoYASABKAEwo76B7QU4AUABSAEKGAjUxUgQChgDIAMoAzCkvoHtBTgDQANIAxCkvoHtBRgD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 11 Oct 2019 10:53:27 GMT
Age
5706692
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19180-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1552586
X-Timer
S1570791207.439976,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2FC7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
ses2=; vis2=180726^2; audit=1|hLZGFuTafB20+D9ZfSo32O99qzxPzGzoRewphPerumdRJJZkuLq28wOFdrHBcbuL092vHQ0d9PR3vTYVOMbzoNzpQ7vzkXQ/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Wed, 09 Oct 2019 22:56:27 GMT
Content-Encoding
gzip
Content-Length
7651
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=58367
Expires
Sat, 12 Oct 2019 03:06:14 GMT
Date
Fri, 11 Oct 2019 10:53:27 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame 726D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:6600:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html?gdpr=0&gdprstr=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

status
200
content-type
text/html
last-modified
Fri, 27 Sep 2019 17:36:47 GMT
server
AmazonS3
content-encoding
gzip
date
Thu, 10 Oct 2019 17:38:08 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
AQET36rUQnnlYRuz5QT4jzjoRN8LcPTPJCo9UkBKbmVLq97a4uj1KA==
age
62120
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 3434 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3842787174098887604; icu=ChgI0vUtEAoYASABKAEwo76B7QU4AUABSAEKGAjUxUgQChgDIAMoAzCkvoHtBTgDQANIAxCkvoHtBRgD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 11 Oct 2019 10:53:27 GMT
Age
5706693
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19140-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1205197
X-Timer
S1570791207.446345,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame DD9A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3842787174098887604; icu=ChgI0vUtEAoYASABKAEwo76B7QU4AUABSAEKGAjUxUgQChgDIAMoAzCkvoHtBTgDQANIAxCkvoHtBRgD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 11 Oct 2019 10:53:27 GMT
Age
5706692
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19180-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1552587
X-Timer
S1570791207.449139,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 9701 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3842787174098887604; icu=ChgI0vUtEAoYASABKAEwo76B7QU4AUABSAEKGAjUxUgQChgDIAMoAzCkvoHtBTgDQANIAxCkvoHtBRgD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 11 Oct 2019 10:53:27 GMT
Age
5706693
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19140-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1205198
X-Timer
S1570791207.452585,VS0,VE0
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame FDB5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
__cfduid=db64ade8694a2fb146a7fd6c7b977765b1570791202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

status
200
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
52404a569b9dbf0a-FRA
content-encoding
br
iframe
sync.teads.tv/ Frame F93C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.5 /
Resource Hash

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/iframe?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
tt_viewer=69d07fd2-3477-422b-bcd7-264626f1ff66
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

status
200
content-type
text/html; charset=UTF-8
server
akka-http/10.1.5
content-length
1844
expires
Fri, 11 Oct 2019 10:53:27 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 11 Oct 2019 10:53:27 GMT
set-cookie
tt_exelate=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_bluekai=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_emetriq=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_liveramp=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_neustar=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_salesforce=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_dar=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_skp=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None
usersync.html
cdn.undertone.com/js/ Frame 1D1D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:6600:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html?gdpr=0&gdprstr=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

status
200
content-type
text/html
last-modified
Fri, 27 Sep 2019 17:36:47 GMT
server
AmazonS3
content-encoding
gzip
date
Thu, 10 Oct 2019 18:01:23 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
-u1Xeq_E7jm0XIJUrh7QR_jKWcQuuZtK0LD8adPrCWvce6Z697I_4w==
age
62120
pd
eu-u.openx.net/w/1.0/ Frame F5E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
i=43bf481c-7a28-080c-3854-9bd0461d411b|1570791207; pd=v2|1570791207|mOgikimWiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

status
200
vary
Accept
set-cookie
i=43bf481c-7a28-080c-3854-9bd0461d411b|1570791207; Version=1; Expires=Sat, 10-Oct-2020 10:53:27 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1570791207|kimWfcgqiysLgemOgun0oagi; Version=1; Expires=Sat, 26-Oct-2019 10:53:27 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html
content-length
468
via
1.1 google
alt-svc
clear
Cookie set uc.html
sync.go.sonobi.com/ Frame BE9E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=3f0e51cba3
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

Date
Fri, 11 Oct 2019 10:53:27 GMT
Content-Type
text/html
Content-Length
826
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Set-Cookie
__uqc=1; expires=Fri, 11 Oct 2019 12:53:26 GMT; domain=.go.sonobi.com; secure; SameSite=None __uis=6d976bfc-e795-4efb-b939-99ed70c5e6e6; expires=Sun, 10 Nov 2019 10:53:26 GMT; domain=.go.sonobi.com; secure; SameSite=None HAPLB5S=s579|XaBfK; path=/; domain=.go.sonobi.com
Server
sonobi-go
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 7101 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
KTPCACOOKIE=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

Last-Modified
Fri, 26 Jul 2019 09:39:45 GMT
ETag
"13006b6-9bf6-58e925294ef26"
Server
Apache/2.2.15 (CentOS)
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14898
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=67488
Expires
Sat, 12 Oct 2019 05:38:15 GMT
Date
Fri, 11 Oct 2019 10:53:27 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set uc.html
sync.go.sonobi.com/ Frame 7503 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=3f0e51cba3
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

Date
Fri, 11 Oct 2019 10:53:27 GMT
Content-Type
text/html
Content-Length
829
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Set-Cookie
__uqc=1; expires=Fri, 11 Oct 2019 12:53:26 GMT; domain=.go.sonobi.com; secure; SameSite=None __uis=5776886b-0026-4d47-bab8-433eb67a35d7; expires=Sun, 10 Nov 2019 10:53:26 GMT; domain=.go.sonobi.com; secure; SameSite=None HAPLB5S=s579|XaBfK; path=/; domain=.go.sonobi.com
Server
sonobi-go
index.html
cdn.districtm.io/ids/ Frame B066 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
__cfduid=db64ade8694a2fb146a7fd6c7b977765b1570791202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

status
200
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
52404a56bbc3bf0a-FRA
content-encoding
br
pd
eu-u.openx.net/w/1.0/ Frame 765B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
i=43bf481c-7a28-080c-3854-9bd0461d411b|1570791207; pd=v2|1570791207|mOgikimWiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

status
200
vary
Accept
set-cookie
i=43bf481c-7a28-080c-3854-9bd0461d411b|1570791207; Version=1; Expires=Sat, 10-Oct-2020 10:53:27 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1570791207|kimWfcgqiysLgemOgun0oagi; Version=1; Expires=Sat, 26-Oct-2019 10:53:27 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html
content-length
468
via
1.1 google
alt-svc
clear
sync
eb2.3lift.com/ Frame E185
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.118.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-57-118-141.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
sync=CgoI4gEQvOTO09stCgoI5gEQvOTO09stCgkICRC85M7T2y0KCgipARC85M7T2y0KCQg5ELzkztPbLQoJCDoQvOTO09stCgkICxC85M7T2y0KCgjOARC85M7T2y0KCgiOARC85M7T2y0KCQgfELzkztPbLQ==; tluid=11327291596622445109
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

status
200
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html; charset=utf-8
content-length
491
set-cookie
sync=CgoIoQEQhuXO09stCgoI4gEQvOTO09stCgoI4wEQhuXO09stCgoI5gEQvOTO09stCgkICRC85M7T2y0KCgipARC85M7T2y0KCQgLELzkztPbLQoKCM4BELzkztPbLQoKCI4BELzkztPbLQoJCHMQhuXO09stCgoI1gEQhuXO09stCgkIORC85M7T2y0KCQg6ELzkztPbLQoJCBsQhuXO09stCgoIvQEQhuXO09stCgoI3gEQhuXO09stCgkIHxC85M7T2y0KCQhfEIblztPbLQoJCD8QhuXO09stCgoI3wEQhuXO09st; Max-Age=7776000; Expires=Thu, 9 Jan 2020 10:53:27 GMT; Path=/sync; Domain=.3lift.com tluid=11327291596622445109; Max-Age=7776000; Expires=Thu, 9 Jan 2020 10:53:27 GMT; Path=/; Domain=.3lift.com
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

Content-Length
0
Connection
keep-alive
Cache-Control
public, max-age=900
Date
Fri, 11 Oct 2019 10:44:15 GMT
Last-Modified
Fri, 11 Oct 2019 10:44:15 GMT
Location
https://eb2.3lift.com/sync?
X-Rev
c4752e7
X-Served-By
impression-bus5.us_east.prod
X-Cache
Hit from cloudfront
Via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
ZFmGui66y55Y3xaY_X7spDU0zcVI9haFr1rwuG7j6rcgelLhNf2PxQ==
Age
552
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame D2D4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
KTPCACOOKIE=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

Last-Modified
Fri, 26 Jul 2019 09:39:45 GMT
ETag
"13006b6-9bf6-58e925294ef26"
Server
Apache/2.2.15 (CentOS)
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14898
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=67488
Expires
Sat, 12 Oct 2019 05:38:15 GMT
Date
Fri, 11 Oct 2019 10:53:27 GMT
Connection
keep-alive
Vary
Accept-Encoding
iframe
sync.teads.tv/ Frame 4A3F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.5 /
Resource Hash

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/iframe?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
tt_viewer=53346870-9aeb-4d79-8051-9a1e9cd6cc84
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

status
200
content-type
text/html; charset=UTF-8
server
akka-http/10.1.5
content-length
1844
expires
Fri, 11 Oct 2019 10:53:27 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 11 Oct 2019 10:53:27 GMT
set-cookie
tt_exelate=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_bluekai=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_emetriq=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_liveramp=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_neustar=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_salesforce=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_dar=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None tt_skp=; Expires=Sat, 12 Oct 2019 10:53:27 GMT; Domain=.teads.tv; SameSite=None
Cookie set uc.html
sync.go.sonobi.com/ Frame 72E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=3f0e51cba3
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
__uqc=1; __uis=dbfd27fe-6b1b-4361-a541-c9e9327e5fb5; HAPLB5S=s579|XaBfK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

Date
Fri, 11 Oct 2019 10:53:27 GMT
Content-Type
text/html
Content-Length
826
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Set-Cookie
__uqc=2; expires=Fri, 11 Oct 2019 12:53:26 GMT; domain=.go.sonobi.com; secure; SameSite=None __uis=dbfd27fe-6b1b-4361-a541-c9e9327e5fb5; expires=Sun, 10 Nov 2019 10:53:26 GMT; domain=.go.sonobi.com; secure; SameSite=None
Server
sonobi-go
index.html
cdn.districtm.io/ids/ Frame 0C97 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
__cfduid=db64ade8694a2fb146a7fd6c7b977765b1570791202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

status
200
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
52404a573c76bf0a-FRA
content-encoding
br
uc.html
sync.go.sonobi.com/ Frame D32A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=3f0e51cba3
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
__uqc=1; __uis=dbfd27fe-6b1b-4361-a541-c9e9327e5fb5; HAPLB5S=s579|XaBfK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

Date
Fri, 11 Oct 2019 10:53:27 GMT
Content-Type
text/html
Content-Length
758
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
sync
eb2.3lift.com/ Frame DE8F
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.118.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-57-118-141.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
sync=CgoIoQEQhuXO09stCgoI4gEQvOTO09stCgoI4wEQhuXO09stCgoI5gEQvOTO09stCgkICRC85M7T2y0KCgipARC85M7T2y0KCQgLELzkztPbLQoKCM4BELzkztPbLQoKCI4BELzkztPbLQoJCHMQhuXO09stCgoI1gEQhuXO09stCgkIORC85M7T2y0KCQg6ELzkztPbLQoJCBsQhuXO09stCgoIvQEQhuXO09stCgoI3gEQhuXO09stCgkIHxC85M7T2y0KCQhfEIblztPbLQoJCD8QhuXO09stCgoI3wEQhuXO09st; tluid=11327291596622445109
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

status
200
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html; charset=utf-8
content-length
514
set-cookie
sync=CgoIwgEQoOXO09stCgkICRC85M7T2y0KCQgLELzkztPbLQoKCM4BELzkztPbLQoKCI4BELzkztPbLQoJCA4QoOXO09stCgkIFBCg5c7T2y0KCgjWARCG5c7T2y0KCgiaARCg5c7T2y0KCQgaEKDlztPbLQoJCBsQhuXO09stCgoI3gEQhuXO09stCgkIHxC85M7T2y0KCQhfEIblztPbLQoKCN8BEIblztPbLQoKCKEBEIblztPbLQoKCOIBELzkztPbLQoKCOMBEIblztPbLQoKCOYBELzkztPbLQoKCKkBELzkztPbLQoJCHMQhuXO09stCgoI9wEQoOXO09stCgoIuAEQoOXO09stCgkIORC85M7T2y0KCQg6ELzkztPbLQoKCPsBEKDlztPbLQoKCPwBEKDlztPbLQoKCL0BEIblztPbLQoKCP4BEKDlztPbLQoJCD8QhuXO09st; Max-Age=7776000; Expires=Thu, 9 Jan 2020 10:53:27 GMT; Path=/sync; Domain=.3lift.com tluid=11327291596622445109; Max-Age=7776000; Expires=Thu, 9 Jan 2020 10:53:27 GMT; Path=/; Domain=.3lift.com
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

Content-Length
0
Connection
keep-alive
Cache-Control
public, max-age=900
Date
Fri, 11 Oct 2019 10:44:15 GMT
Last-Modified
Fri, 11 Oct 2019 10:44:15 GMT
Location
https://eb2.3lift.com/sync?
X-Rev
c4752e7
X-Served-By
impression-bus5.us_east.prod
X-Cache
Hit from cloudfront
Via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
fs--f2BR7xKQ2o2S3qxXYjJ1OL54odrOxtvN59mpv9RSXvxzsUVXig==
Age
552
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 718B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
KTPCACOOKIE=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

Last-Modified
Fri, 26 Jul 2019 09:39:45 GMT
ETag
"13006b6-9bf6-58e925294ef26"
Server
Apache/2.2.15 (CentOS)
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14898
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=67488
Expires
Sat, 12 Oct 2019 05:38:15 GMT
Date
Fri, 11 Oct 2019 10:53:27 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame E268 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3842787174098887604; icu=ChgI0vUtEAoYASABKAEwo76B7QU4AUABSAEKGAjUxUgQChgDIAMoAzCkvoHtBTgDQANIAxCkvoHtBRgD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 11 Oct 2019 10:53:27 GMT
Age
5706692
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19180-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1552588
X-Timer
S1570791208.585392,VS0,VE0
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame 3FA4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
__cfduid=db64ade8694a2fb146a7fd6c7b977765b1570791202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

status
200
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
52404a575c95bf0a-FRA
content-encoding
br
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 3326 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3842787174098887604; icu=ChgI0vUtEAoYASABKAEwo76B7QU4AUABSAEKGAjUxUgQChgDIAMoAzCkvoHtBTgDQANIAxCkvoHtBRgD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 11 Oct 2019 10:53:27 GMT
Age
5706692
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19175-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 3134481
X-Timer
S1570791208.588812,VS0,VE0
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 2A25
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.118.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-57-118-141.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
sync=CgoIwgEQoOXO09stCgkICRC85M7T2y0KCQgLELzkztPbLQoKCM4BELzkztPbLQoKCI4BELzkztPbLQoJCA4QoOXO09stCgkIFBCg5c7T2y0KCgjWARCG5c7T2y0KCgiaARCg5c7T2y0KCQgaEKDlztPbLQoJCBsQhuXO09stCgoI3gEQhuXO09stCgkIHxC85M7T2y0KCQhfEIblztPbLQoKCN8BEIblztPbLQoKCKEBEIblztPbLQoKCOIBELzkztPbLQoKCOMBEIblztPbLQoKCOYBELzkztPbLQoKCKkBELzkztPbLQoJCHMQhuXO09stCgoI9wEQoOXO09stCgoIuAEQoOXO09stCgkIORC85M7T2y0KCQg6ELzkztPbLQoKCPsBEKDlztPbLQoKCPwBEKDlztPbLQoKCL0BEIblztPbLQoKCP4BEKDlztPbLQoJCD8QhuXO09st; tluid=11327291596622445109
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

status
200
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html; charset=utf-8
content-length
433
set-cookie
sync=CgoIwgEQoOXO09stCgkICRC85M7T2y0KCQhJEI7mztPbLQoJCAsQvOTO09stCgoIzgEQvOTO09stCgoIjgEQvOTO09stCgkIDhCg5c7T2y0KCQgUEKDlztPbLQoKCNYBEIblztPbLQoKCNkBEI7mztPbLQoKCJoBEKDlztPbLQoJCBoQoOXO09stCgkIGxCG5c7T2y0KCgjeARCG5c7T2y0KCQgfELzkztPbLQoJCF8QhuXO09stCgoI3wEQhuXO09stCgoIoQEQhuXO09stCgoI4gEQvOTO09stCgoI4wEQhuXO09stCgkIJBCO5s7T2y0KCgjkARCO5s7T2y0KCgjmARC85M7T2y0KCgjnARCO5s7T2y0KCgipARC85M7T2y0KCQhzEIblztPbLQoKCPcBEKDlztPbLQoKCLgBEKDlztPbLQoJCDkQvOTO09stCgkIOhC85M7T2y0KCgj7ARCg5c7T2y0KCgj8ARCg5c7T2y0KCgi9ARCG5c7T2y0KCgj9ARCO5s7T2y0KCgj-ARCg5c7T2y0KCQg_EIblztPbLQ==; Max-Age=7776000; Expires=Thu, 9 Jan 2020 10:53:27 GMT; Path=/sync; Domain=.3lift.com tluid=11327291596622445109; Max-Age=7776000; Expires=Thu, 9 Jan 2020 10:53:27 GMT; Path=/; Domain=.3lift.com
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

Content-Length
0
Connection
keep-alive
Cache-Control
public, max-age=900
Date
Fri, 11 Oct 2019 10:44:15 GMT
Last-Modified
Fri, 11 Oct 2019 10:44:15 GMT
Location
https://eb2.3lift.com/sync?
X-Rev
c4752e7
X-Served-By
impression-bus5.us_east.prod
X-Cache
Hit from cloudfront
Via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
v9FIBZ7-pn-WuCPrxIfYUssMvMED0D59o0veGbR8lB9coqwZFtVqXg==
Age
552
usersync.html
cdn.undertone.com/js/ Frame CBA9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:6600:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html?gdpr=0&gdprstr=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

status
200
content-type
text/html
last-modified
Fri, 27 Sep 2019 17:36:47 GMT
server
AmazonS3
content-encoding
gzip
date
Thu, 10 Oct 2019 18:01:23 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
HA3DbSSsuAjfWHlsiCWiKYgjCe9ctmJkE9zB_Y3e-_TjvEBfnfohYQ==
age
62120
pd
eu-u.openx.net/w/1.0/ Frame DDF6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
i=43bf481c-7a28-080c-3854-9bd0461d411b|1570791207; pd=v2|1570791207|kimWfcgqiysLgemOgun0oagi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

status
200
vary
Accept
set-cookie
i=43bf481c-7a28-080c-3854-9bd0461d411b|1570791207; Version=1; Expires=Sat, 10-Oct-2020 10:53:27 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1570791207|rskimWfcsHgqmuiynIsLomgemOgunsn0oagi; Version=1; Expires=Sat, 26-Oct-2019 10:53:27 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html
content-length
605
via
1.1 google
alt-svc
clear
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 60A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
KTPCACOOKIE=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

Last-Modified
Fri, 26 Jul 2019 09:39:45 GMT
ETag
"13006b6-9bf6-58e925294ef26"
Server
Apache/2.2.15 (CentOS)
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14898
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=67488
Expires
Sat, 12 Oct 2019 05:38:15 GMT
Date
Fri, 11 Oct 2019 10:53:27 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 2EDF
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.118.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-57-118-141.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
sync=CgoIwgEQoOXO09stCgkICRC85M7T2y0KCQhJEI7mztPbLQoJCAsQvOTO09stCgoIzgEQvOTO09stCgoIjgEQvOTO09stCgkIDhCg5c7T2y0KCQgUEKDlztPbLQoKCNYBEIblztPbLQoKCNkBEI7mztPbLQoKCJoBEKDlztPbLQoJCBoQoOXO09stCgkIGxCG5c7T2y0KCgjeARCG5c7T2y0KCQgfELzkztPbLQoJCF8QhuXO09stCgoI3wEQhuXO09stCgoIoQEQhuXO09stCgoI4gEQvOTO09stCgoI4wEQhuXO09stCgkIJBCO5s7T2y0KCgjkARCO5s7T2y0KCgjmARC85M7T2y0KCgjnARCO5s7T2y0KCgipARC85M7T2y0KCQhzEIblztPbLQoKCPcBEKDlztPbLQoKCLgBEKDlztPbLQoJCDkQvOTO09stCgkIOhC85M7T2y0KCgj7ARCg5c7T2y0KCgj8ARCg5c7T2y0KCgi9ARCG5c7T2y0KCgj9ARCO5s7T2y0KCgj-ARCg5c7T2y0KCQg_EIblztPbLQ==; tluid=11327291596622445109
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

status
200
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html; charset=utf-8
content-length
0
set-cookie
tluid=11327291596622445109; Max-Age=7776000; Expires=Thu, 9 Jan 2020 10:53:27 GMT; Path=/; Domain=.3lift.com
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

Content-Length
0
Connection
keep-alive
Cache-Control
public, max-age=900
Date
Fri, 11 Oct 2019 10:44:15 GMT
Last-Modified
Fri, 11 Oct 2019 10:44:15 GMT
Location
https://eb2.3lift.com/sync?
X-Rev
c4752e7
X-Served-By
impression-bus5.us_east.prod
X-Cache
Hit from cloudfront
Via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
cadY11rhbH5uOLaK2Dfxbp7Lq3Tt2TW26ZZziXKmiNSj3_mTOarlVA==
Age
552
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame D548 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://heman.monster/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3842787174098887604; icu=ChgI0vUtEAoYASABKAEwo76B7QU4AUABSAEKGAjUxUgQChgDIAMoAzCkvoHtBTgDQANIAxCkvoHtBRgD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 11 Oct 2019 10:53:27 GMT
Age
5706692
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19175-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 3134482
X-Timer
S1570791208.694396,VS0,VE0
Vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame 6460 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:6600:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html?gdpr=0&gdprstr=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

status
200
content-type
text/html
last-modified
Fri, 27 Sep 2019 17:36:47 GMT
server
AmazonS3
content-encoding
gzip
date
Thu, 10 Oct 2019 18:01:23 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
VjDZuWEyqHX9w6zV0HrWLYqnMNVd5tRSiMathY56_AcdQmp5t89ZWQ==
age
62120
pd
eu-u.openx.net/w/1.0/ Frame 5157 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=6585c845-3352-4cde-9ab7-778c3d7b7585&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
i=43bf481c-7a28-080c-3854-9bd0461d411b|1570791207; pd=v2|1570791207|rskimWfcsHgqmuiynIsLomgemOgunsn0oagi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

status
200
vary
Accept
set-cookie
i=43bf481c-7a28-080c-3854-9bd0461d411b|1570791207; Version=1; Expires=Sat, 10-Oct-2020 10:53:27 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1570791207|rsj8gmkimWfcvmsHtlqGgqmuiynIsLiSomgemOgunsn0oagi; Version=1; Expires=Sat, 26-Oct-2019 10:53:27 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.163.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html
content-length
525
via
1.1 google
alt-svc
clear
iframe
sync.teads.tv/ Frame 965F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.5 /
Resource Hash

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/iframe?hb_provider=prebid&hb_version=2.32.0&gdprIab=%7B%22status%22%3A0%7D&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
tt_exelate=; tt_bluekai=; tt_emetriq=; tt_liveramp=; tt_neustar=; tt_salesforce=; tt_dar=; tt_skp=; tt_viewer=53346870-9aeb-4d79-8051-9a1e9cd6cc84; tt_exelate=; tt_bluekai=; tt_emetriq=; tt_liveramp=; tt_neustar=; tt_salesforce=; tt_dar=; tt_skp=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://heman.monster/

Response headers

status
200
content-type
text/html; charset=UTF-8
server
akka-http/10.1.5
content-length
844
expires
Fri, 11 Oct 2019 10:53:27 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 11 Oct 2019 10:53:27 GMT
index.html
cdn.districtm.io/ids/ Frame 2857 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/core/gdpr/vendor/prebid/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://heman.monster/
accept-encoding
gzip, deflate, br
cookie
__cfduid=db64ade8694a2fb146a7fd6c7b977765b1570791202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://heman.monster/

Response headers

status
200
date
Fri, 11 Oct 2019 10:53:27 GMT
content-type
text/html
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
52404a59284ebf0a-FRA
content-encoding
br
roundtrip.js
a.adroll.com/j/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.adroll.com/j/roundtrip.js
Requested by
Host: heman.monster
URL: http://heman.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.89 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-89.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4a1d3bf6c1cec783f967068348e78974da3b79cdfae1746c01f7f9ad86ad9951

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
9.BQ9cxFANfreH2vrVxQTFpw5o67znAv
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2019 15:18:31 GMT
Server
AmazonS3
x-amz-request-id
22EDA53F68065073
ETag
"4cdaf4a1f2ebfda8dd871575ebef2236"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600, must-revalidate
Date
Fri, 11 Oct 2019 10:53:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10345
x-amz-id-2
6hl2lz4qhePmmL7wGk/rAbUQa9cH1aAMI46R+kLa5ZNeGT8sWcCInIofSndvSEn/J57r5u2PYjs=
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/5MAOSLY6L5FGXHKIV3HIZM/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
qptUk7Gu4VhEiLSEq3K26l8OxWp44Kqb
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
55A64133270CA949
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
28
x-amz-id-2
s0VYcMZwDlDyCcOQpKQTCGJCgjWQvYrLv4CiAnljJxfhjWtcHJKkmAep7uZPPmoCvxHxQ1Zu+84=
Last-Modified
Mon, 30 Sep 2019 18:34:18 GMT
Server
AmazonS3
Date
Fri, 11 Oct 2019 10:53:28 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Fri, 11 Oct 2019 10:53:28 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
5MAOSLY6L5FGXHKIV3HIZM
d.adroll.com/consent/check/ 		52 B
511 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/5MAOSLY6L5FGXHKIV3HIZM?_s=ac5b2bffdfe78be3a71d231837c3c484&_b=2
Requested by
Host: a.adroll.com
URL: https://a.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.101.139 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-46-137-101-139.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
6a5862cec71ec62c1d809d12c7919541d611156c4afe375bf8cf7b5ddd7e406d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
application/javascript
Content-Length
52
/
track.adform.net/serving/unload/ Frame C148 		35 B
422 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-4415780301758472873@@29481383,820892333330652366,0|0|0|0|0|0|0|0|0||0|0|31|7110b8d2376dff9829462a83d2c660b65b0120ae_1|||1|0|0|rvTt-uhApgntM-qxezg3lTifZiyUxSvbY6ixth2LPSG03_m_NalikgDCyA2L_VipmVKB6saG2-41|||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/619/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:28 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://heman.monster
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
LFACRSBTBJA77FKTBFCDEL.js
s.adroll.com/pixel/5MAOSLY6L5FGXHKIV3HIZM/3TBQFSFBJBAH5E7TC4CZ5T/
Redirect Chain
  • https://d.adroll.com/pixel/5MAOSLY6L5FGXHKIV3HIZM/3TBQFSFBJBAH5E7TC4CZ5T?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&pv=31112215302.10524&cookie=&adroll_s_ref=&keyw=&arrfrr=h...
  • https://s.adroll.com/pixel/5MAOSLY6L5FGXHKIV3HIZM/3TBQFSFBJBAH5E7TC4CZ5T/LFACRSBTBJA77FKTBFCDEL.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/5MAOSLY6L5FGXHKIV3HIZM/3TBQFSFBJBAH5E7TC4CZ5T/LFACRSBTBJA77FKTBFCDEL.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
12c3ccadd6074181b566d32dd45d3cfa7c8e01c2cce622026daebffbc67b8367

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
mUMPOlOpgQzMpb.B6gzFPrRp0vTDbhl5
Content-Encoding
gzip
ETag
"1bb99f7873f95af487f13897b9b93840"
x-amz-request-id
1A8F4156ABCD8867
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1530
x-amz-id-2
f3xC9YUL4RyRKk7hsSuzIXCf0VmthkRyGTkl8i047BeLCy7gCKjz9/RWuYUc5irL8i0Dk0Q/gI4=
Last-Modified
Thu, 10 Oct 2019 20:56:05 GMT
Server
AmazonS3
Date
Fri, 11 Oct 2019 10:53:28 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Fri, 11 Oct 2019 10:53:28 GMT
X-Segment-Display-Name
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection
keep-alive
Content-Length
0
Pragma
no-cache
X-Conversion-Value
0.0
Server
nginx/1.14.1
X-Rule
*
X-Segment-Eid
LFACRSBTBJA77FKTBFCDEL
Location
https://s.adroll.com/pixel/5MAOSLY6L5FGXHKIV3HIZM/3TBQFSFBJBAH5E7TC4CZ5T/LFACRSBTBJA77FKTBFCDEL.js
Cache-Control
no-store, no-cache, must-revalidate
X-Pixel-Eid
3TBQFSFBJBAH5E7TC4CZ5T
X-Segment-Name
*
X-Advertisable-Eid
5MAOSLY6L5FGXHKIV3HIZM
X-Conversion-Currency
sendrolling.js
s.adroll.com/j/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/pixel/5MAOSLY6L5FGXHKIV3HIZM/3TBQFSFBJBAH5E7TC4CZ5T/LFACRSBTBJA77FKTBFCDEL.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
MoLWhO2.QuEN6uxWTtfGTs9VNo6GBT4q
Content-Encoding
gzip
ETag
"15441b08d0c4f93b1dd5f533cd361cd8"
x-amz-request-id
8D66B12AEC1FE16F
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2039
x-amz-id-2
U03k8W+834KnzjHY1HWwJBpUJGIUw1OrdeDx2NV4ro8fdV068lw0rs7u1JTVs0/hT895iGPnM+w=
Last-Modified
Thu, 10 Oct 2019 01:46:34 GMT
Server
AmazonS3
Date
Fri, 11 Oct 2019 10:53:28 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
1769825286639085
connect.facebook.net/signals/config/ 		280 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1769825286639085?v=2.9.5&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
d916e758724271e9bde68eb0f1a175f949b8d59772c0576df0bb968596f471ea
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-trip-id
1554255614
pragma
public
x-fb-debug
FM8tZGt46jzEeEgB8QJ1afdvntKizTa4vk80TodGvuXu5HFzf5YSoTifZyaRVi/SwB11Nyp4vsjRGqMFRgMHuA==
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
DENY
date
Fri, 11 Oct 2019 10:53:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/aol/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM
  • https://pixel.advertising.com/ups/55980/sync?uid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://pixel.advertising.com/ups/55980/sync?uid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP5b79fc11-ec15-11e9-b254-02...
0
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP5b79fc11-ec15-11e9-b254-02fbefe83874
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.201.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-201-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:28 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Fri, 11 Oct 2019 10:53:28 GMT
content-length
0
location
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP5b79fc11-ec15-11e9-b254-02fbefe83874
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&expiration=1602327208
43 B
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&expiration=1602327208
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Oct 2019 10:53:28 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&expiration=1602327208
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
139
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&expires=365
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
124
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&rdrctExp=true
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&rdrctExp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:28 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, JFK, FRA, Europe1
x-timer
S1570791209.628966,VS0,VE95
accept-ranges
bytes, bytes
x-served-by
cache-jfk8135-JFK, cache-fra19133-FRA
x-cache
MISS, MISS
status
200
backend-ip
104.156.90.35
x-traceid
fcda4e52fe5b0507970ab59cb3e73967
content-length
0
x-cache-hits
0, 0

Redirect headers

date
Fri, 11 Oct 2019 10:53:28 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, JFK, FRA, Europe1
x-timer
S1570791209.529990,VS0,VE92
accept-ranges
bytes, bytes
x-served-by
cache-jfk8120-JFK, cache-fra19133-FRA
status
302
x-cache
MISS, MISS
location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&rdrctExp=true
backend-ip
104.156.90.20
x-traceid
83edcdcb0bfc246742a2bb31d60855e0
content-length
0
x-cache-hits
0, 0
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...
1 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
X-lat
Pug22003:0:500
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
220
in
d.adroll.com/cm/r/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
42 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.101.139 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-46-137-101-139.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42

Redirect headers

Date
Fri, 11 Oct 2019 10:53:28 GMT
X-Content-Type-Options
nosniff
Server
ATS
Age
0
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
P3P
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:28 GMT
via
1.1 varnish
server
nginx
x-timer
S1570791209.543508,VS0,VE8
x-cache
MISS
status
204
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-fra19133-FRA

Redirect headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
111
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM
  • https://eb2.3lift.com/xuid?mid=4714&xuid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&dongle=c85e
37 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4714&xuid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&dongle=c85e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.118.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-57-118-141.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 11 Oct 2019 10:53:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://eb2.3lift.com/xuid?mid=4714&xuid=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE&dongle=c85e
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
102
sync
x.bidswitch.net/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE
43 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=44&user_id=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.211.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-211-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 11 Oct 2019 10:53:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://x.bidswitch.net/sync?dsp_id=44&user_id=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
96
setuid
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM
  • https://ib.adnxs.com/setuid?entity=172&code=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE
43 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=172&code=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:30 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid
b6633b01-a1a8-49f1-8c31-55388252f607
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://ib.adnxs.com/setuid?entity=172&code=NDFhMTM0N2ZiNDYwY2RjOTFkMmU3YWRhNzU5YWE2NjE
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
93
377928.gif
idsync.rlcdn.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM
  • https://idsync.rlcdn.com/377928.gif?partner_uid=41a1347fb460cdc91d2e7ada759aa661
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/377928.gif?partner_uid=41a1347fb460cdc91d2e7ada759aa661
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 11 Oct 2019 10:53:28 GMT
via
1.1 google
alt-svc
clear

Redirect headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://idsync.rlcdn.com/377928.gif?partner_uid=41a1347fb460cdc91d2e7ada759aa661
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
86
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=41a1347fb460cdc91d2e7ada759aa661
43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537103138&val=41a1347fb460cdc91d2e7ada759aa661
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:28 GMT
via
1.1 google
server
OXGW/16.163.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537103138&val=41a1347fb460cdc91d2e7ada759aa661
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
87
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=634548cec2d439a2970ce3e36059b44f-1570791208347&xid_ch=f&advertisable=5MAOSLY6L5FGXHKIV3HIZM&google_nid=adroll5
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=QaE0f7RgzckdLnradZqmYQ
  • https://d.adroll.com/cm/g/in
42 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.101.139 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-46-137-101-139.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
Server
nginx/1.14.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
X-Result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Fri, 11 Oct 2019 10:53:28 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1769825286639085&ev=PageView&dl=http%3A%2F%2Fheman.monster%2F&rl=&if=false&ts=1570791208489&cd[segment_eid]=LFACRSBTBJA77FKTBFCDEL&sw=1600&sh=1200&v=2.9.5&r=stable&ec=0&o=29&fbp=fb.1.1570791202501.789998617&it=1570791201245&coo=false&exp=w0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 10:53:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 11 Oct 2019 10:53:28 GMT
pixel.gif
px.moatads.com/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=RUBICON1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBBBB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkBBBBBBB6BsNBmB0Biw7pCr6yCBrO24xXmYyBBBBC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnBBW35CeBBBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyBBBBBBBBBBBBBBBBBTLF6GfC6Jn7OBBYkCBB0IofsfBBPCxB7UBBBtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=http%3A%2F%2Fheman.monster%2F&id=1&cm=4&f=0&j=&t=1570791203123&de=327483395166&cu=1570791203123&m=5761&ar=e2b442bdf4f-clean&iw=4e250f1&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5377&le=1&lf=71&lg=1&lh=13&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=5150&cd=141&ah=5150&am=141&rf=0&re=0&wb=1&cl=0&at=0&d=15%3A%3Aundefined%3Aundefined&bo=undefined&bd=undefined&gw=rubiconproject883925&zMoatZoneId=881400&zMoatAppId=-&hv=friendly%20iframe&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=171901&na=1978632788&cs=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://heman.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Oct 2019 10:53:28 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
Apache
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Fri, 11 Oct 2019 10:53:28 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
heman.monster
URL
https://heman.monster/?page=plists-mylist&action=get&id=&initial=1&_=1570791200859

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| adthrive object| _wpemojiSettings object| lf_vars object| twemoji object| wp undefined| $ function| jQuery object| cdbDebug object| couponDB function| DP_jQuery_1570791200881 number| lrwc_sr_item_count function| doAutoComplete function| getCategoriesList function| toggleCheckBoxClass function| DP_jQuery_1570791200888 object| dpsp_pin_button_data function| __cmp object| googletag object| pbjs object| core object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken function| pbjsChunk function| JSEncrypt function| index_render number| google_srt undefined| google_measure_js_timing object| pwidget_config string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _pcq object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| atrk object| _atrk_opts boolean| _atrk_fired object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha object| salvattore object| jQuery1124016489793463624247 function| ichecked object| icheck object| wpcf7 object| PT_CV_PUBLIC object| PT_CV_PAGINATION function| EventEmitter object| eventie function| cvp_imagesLoaded object| cvp_Modernizr function| cvp_Shuffle function| cvp_common object| cvsf_data function| cvp_js object| countVars string| disqus_shortname object| _gaq function| post_widget function| post_init object| pwidget_api function| post_sticky object| pwidget_modules string| adroll_adv_id string| adroll_pix_id object| dataLayerCBias object| _comscore object| _clrm boolean| google_noFetch number| __google_ad_urls_id object| Criteo object| closure_lm_69735 object| confiant boolean| _pc_loaded object| PC object| VWO object| _vwo_exp_ids object| _vwo_exp string| _vwo_server_url object| _vis_opt_queue function| bowser object| __pc object| _pushcrewDebuggingQueue object| _pc_u boolean| ecomEventsInit function| udm_ object| ns_p object| COMSCORE object| google_tag_manager object| bod string| allMatches object| matches string| pid function| gacbias number| google_unique_id object| google_reactive_ads_global_state function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| r1PoStJSONP9600 function| err__1570791202894 boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| MoatBSJsonpRequest_80639159 object| Adform object| criteo_pubtag object| DISQUSWIDGETS undefined| disqus_domain boolean| __adroll_loaded string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars

33 Cookies

Domain/Path Name / Value
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB20+D9ZfSo32O99qzxPzGzoRewphPerumdRJJZkuLq28wOFdrHBcbuL092vHQ0d9PR3vTYVOMbzoNzpQ7vzkXQ/
.rubiconproject.com/ Name: vis2
Value: 180726^2
.go.sonobi.com/ Name: __uis
Value: 5776886b-0026-4d47-bab8-433eb67a35d7
.3lift.com/ Name: tluid
Value: 11327291596622445109
.go.sonobi.com/ Name: __uqc
Value: 1
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.teads.tv/ Name: tt_skp
Value:
.teads.tv/iframe Name: tt_emetriq
Value:
.teads.tv/ Name: tt_dar
Value:
.teads.tv/ Name: tt_neustar
Value:
.teads.tv/iframe Name: tt_dar
Value:
.teads.tv/ Name: tt_liveramp
Value:
.teads.tv/ Name: tt_emetriq
Value:
.rubiconproject.com/ Name: ses2
Value:
.teads.tv/ Name: tt_bluekai
Value:
.teads.tv/ Name: tt_viewer
Value: 53346870-9aeb-4d79-8051-9a1e9cd6cc84
.teads.tv/iframe Name: tt_skp
Value:
.districtm.io/ Name: __cfduid
Value: db64ade8694a2fb146a7fd6c7b977765b1570791202
.teads.tv/iframe Name: tt_bluekai
Value:
.teads.tv/ Name: tt_salesforce
Value:
.openx.net/ Name: pd
Value: v2|1570791207|rsj8gmkimWfcvmsHtlqGgqmuiynIsLiSomgemOgunsn0oagi
.heman.monster/ Name: _fbp
Value: fb.1.1570791202501.789998617
.teads.tv/iframe Name: tt_exelate
Value:
.go.sonobi.com/ Name: HAPLB5S
Value: s579|XaBfK
.teads.tv/iframe Name: tt_neustar
Value:
.adnxs.com/ Name: uuid2
Value: 3842787174098887604
.teads.tv/ Name: tt_exelate
Value:
.openx.net/ Name: i
Value: 43bf481c-7a28-080c-3854-9bd0461d411b|1570791207
.teads.tv/iframe Name: tt_liveramp
Value:
.teads.tv/iframe Name: tt_salesforce
Value:
.heman.monster/ Name: __gads
Value: ID=618b1245a7470117:T=1570791202:S=ALNI_MbgfoTfmEAgDCkXvB3MNvhdzZIhbA
.3lift.com/sync Name: sync
Value: CgoIwgEQoOXO09stCgkICRC85M7T2y0KCQhJEI7mztPbLQoJCAsQvOTO09stCgoIzgEQvOTO09stCgoIjgEQvOTO09stCgkIDhCg5c7T2y0KCQgUEKDlztPbLQoKCNYBEIblztPbLQoKCNkBEI7mztPbLQoKCJoBEKDlztPbLQoJCBoQoOXO09stCgkIGxCG5c7T2y0KCgjeARCG5c7T2y0KCQgfELzkztPbLQoJCF8QhuXO09stCgoI3wEQhuXO09stCgoIoQEQhuXO09stCgoI4gEQvOTO09stCgoI4wEQhuXO09stCgkIJBCO5s7T2y0KCgjkARCO5s7T2y0KCgjmARC85M7T2y0KCgjnARCO5s7T2y0KCgipARC85M7T2y0KCQhzEIblztPbLQoKCPcBEKDlztPbLQoKCLgBEKDlztPbLQoJCDkQvOTO09stCgkIOhC85M7T2y0KCgj7ARCg5c7T2y0KCgj8ARCg5c7T2y0KCgi9ARCG5c7T2y0KCgj9ARCO5s7T2y0KCgj-ARCg5c7T2y0KCQg_EIblztPbLQ==
.adnxs.com/ Name: icu
Value: ChgI0vUtEAoYASABKAEwo76B7QU4AUABSAEKGAjUxUgQChgDIAMoAzCkvoHtBTgDQANIAxCkvoHtBRgD

12 Console Messages

Source Level URL
Text
console-api log URL: https://www.livingrichwithcoupons.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: http://ads.adthrive.com/core/v1/js/adthrive.min.js?threshold=47(Line 1)
Message:
%cAdThrive::init started color: #999; font-weight: bold;
console-api log URL: https://www.livingrichwithcoupons.com/wp-content/plugins/lrwc-plists/js/cdb/main.js?ver=3.5.3(Line 12)
Message:
error
console-api info URL: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js(Line 527)
Message:
Powered by AMP ⚡ HTML – Version 1909241711100 http://heman.monster/
console-api info URL: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js(Line 527)
Message:
Powered by AMP ⚡ HTML – Version 1909241711100 http://heman.monster/
console-api info URL: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js(Line 527)
Message:
Powered by AMP ⚡ HTML – Version 1909241711100 http://heman.monster/
console-api info URL: https://cdn.ampproject.org/rtv/231910071804120/amp4ads-v0.js(Line 424)
Message:
Powered by AMP ⚡ HTML – Version 1910071804120 http://heman.monster/
console-api info URL: https://cdn.ampproject.org/rtv/231910071804120/amp4ads-v0.js(Line 424)
Message:
Powered by AMP ⚡ HTML – Version 1910071804120 http://heman.monster/
console-api log URL: http://heman.monster/(Line 315)
Message:
maxItems == 866
console-api log URL: http://heman.monster/(Line 316)
Message:
json == [object Object]
console-api log URL: http://heman.monster/(Line 323)
Message:
we found it dla i ==0 , json == null
console-api log URL: http://heman.monster/(Line 324)
Message:
we found it dla i ==0 , json == https://images.thefirstnews.com/q8eob4iqsyelng5szsx6p.jpeg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adroll.com
a.teads.tv
a25666e982826db5b043e18a888741f57.profile.iad89-c2.cloudfront.net
acdn.adnxs.com
ads.adthrive.com
ads.businessclick.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
as.casalemedia.com
b.scorecardresearch.com
bc.wp.pl
beacon-eu2.rubiconproject.com
beta.pocketads.pl
bidder.criteo.com
cafemedia-d.openx.net
cdn.ampproject.org
cdn.districtm.io
cdn.pushcrew.com
cdn.undertone.com
certify.alexametrics.com
clarium.global.ssl.fastly.net
cloudfront-labs.amazonaws.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
csi.gstatic.com
d.adroll.com
d31qbv1cthcecs.cloudfront.net
dmx.districtm.io
dot.wp.pl
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.moatads.com
hb.undertone.com
hbopenbid.pubmatic.com
heman.monster
i.po.st
ib.3lift.com
ib.adnxs.com
idsync.rlcdn.com
images.thefirstnews.com
livingrichwithcoupons.disqus.com
logger.adthrive.com
mb.moatads.com
p.po.st
pagead2.googlesyndication.com
pixel.advertising.com
pixel.rubiconproject.com
po.st
prebid.adnxs.com
px.moatads.com
rubiconproject883925.s.moatpixel.com
s.adroll.com
s1.adform.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.criteo.net
staticxx.facebook.com
stats.aws.rubiconproject.com
stats.g.doubleclick.net
sync.go.sonobi.com
sync.outbrain.com
sync.teads.tv
tlx.3lift.com
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.livingrichwithcoupons.com
x.bidswitch.net
z.moatads.com
heman.monster
104.109.78.125
104.16.68.69
13.225.78.112
13.225.78.47
13.225.78.74
143.204.101.111
143.204.101.27
143.204.101.51
151.101.112.134
151.101.13.108
151.101.13.194
151.101.14.2
172.217.18.2
176.9.179.57
178.162.133.149
178.162.133.150
178.250.2.130
178.250.2.152
185.33.223.83
185.64.189.110
185.64.189.112
192.229.233.175
194.5.94.117
2.16.186.104
2.16.186.51
2.16.186.89
2.18.232.7
2.18.233.180
2.18.233.40
2.18.234.21
2.18.235.40
212.77.100.82
212.77.99.29
216.52.2.48
216.58.207.66
23.21.40.106
23.43.115.95
23.58.219.40
2404:6800:400a:80b::2003
2600:9000:2156:6600:1f:2473:9080:93a1
2606:4700:10::6814:3677
2606:4700:20::681a:8d2
2a00:1288:110:c305::9000
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2008
2a00:1450:4001:817::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:81f::2001
2a00:1450:4001:821::2002
2a00:1450:4001:824::2003
2a00:1450:4001:825::200a
2a00:1450:400c:c0a::9a
2a02:26f0:10c:39a::1349
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.10.83.173
3.224.229.132
34.95.120.147
35.156.206.192
35.157.201.139
35.176.107.49
35.190.72.21
37.157.2.239
37.157.5.73
37.252.161.184
46.137.101.139
52.28.145.127
52.28.211.49
52.57.118.141
54.194.74.35
69.173.144.136
69.173.144.143
69.173.144.152
72.21.202.25
74.217.253.70
74.217.253.90
99.84.185.71
00ff952a3a3d45301c2d38beeb9065509b4b594b6d02ee57a7cb3b0abcdf1f29
01edfe80606752be1ef61d10183f62d549a0b469fcc9c26e2f778e99863a3486
02badb2df1f182fca83821e95f7d1f1b83501e31a217a2a10a5d6e86998472a9
02d7e3ee6bcda400b27afeade3e3f204fe9cc150b258485db69fb5a9429f6599
0358159b343e064b665b9df045611815b3601e87812ffe279b753a9be142057a
0373ad20708ca9272cf5e53a08cb1a2b0a0d4ae9dafa621f11b7fb31ab221e21
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
053a50739b5df48ab1c1a1837f157185e89eabd38f42271088252057292281d3
0723ea212c8f0ec0aa75d14e224c27bdf2f4f8b07d7feb73522819a8ec15899b
0798f078b3b1f3586b9292852836e0debb7752c9ed21351b9a163076b44156dc
07ddc9d74d0e33a5cbc634b789df87e2f12dbd0a8ff17c71e25a2e7b29abdf5c
0877239101cbff856743513b4ea69fbaf9c580c8ae526e0a8d2ef1b770414094
08f654ecc2de344db8e57cffbbc5580c1879b30637dc5162c1ca307ad19df550
09dc69867700c2c8fa3a65b7e092309eb4c79b4da93d53c820b18bed1a197c94
0cc348ccdad929a093d637122dc59958c470c86eb055fa940dc28c5f93befe48
0e063443c9fc17b47a6c56347534058fd75e60bf5b6ff58cbfdc72472ecd93ab
0e7f3376ee7edfd88ccb0dfa571f919bfbdfc1690960923a6343ba7b1bfa7ea8
0efe616f3fccafb971429e53e2ca734d0d4e8b4079fc06d7057c8491820afcad
0ff4d5777f4885ea2b3969dfe5dd2029f3a6a436c4769cb1861835974b4a52b9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12c3ccadd6074181b566d32dd45d3cfa7c8e01c2cce622026daebffbc67b8367
12ff975787adf9e71d2e67e02c098721c2b5d80b4f15c49a557be278928c663f
131b2d9ae92d3521329e6d3c0332e7323e4a7be2215f39bf0deb4b892f9194d3
13cbfa8375957d42bf3e8aec0d95021b69f4eaee1af8fd5278d505cb335649c3
15dd49ca9781c5ea3f41fb8f720b888b43b790c7f90e3ec26a297d5662789864
16177059f7e89507d5f62d3b59610579e3000cabacf7937da9d7e0a68e96fab7
16e8fc2e77511c61940989b1310dcc8bfa07f29dc78dda7cba57b39d66e28ab9
186edb52569a032f506d4e99aa2f325a0327a247d9bb7a79c3fc3ca8b61b1a2c
19405ddcb50ea507bbb0c9cd13be22125b87d52c5254bb3af9b611a8710f45cb
19736cb9f99dbec1539e167687adaccda378240be8c14dde7aea0a426a4d07e0
197c294e1520b32d787d2678660c02fd195c1c93fee3441de596ef22c34ed425
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
1ee1be13d34339e64187a0813f209adf5acb862ac8048da3a1b10281a3f0d1fd
1ef3b2018460f499847215358ad588852cdf72c969234ab0e2674eb9c5890737
2109579a9fe9cd42712882153b1282565407c30771e80882b89ecca1fbc947e6
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
22529609ad54b33ee1695008d3daa6e35f133849c49ee00d7e9bc02eb0dd9a56
22ed4b20b3c6289b46e1cd7ac37ee6f41301d7da99c6b7baac0cccc84480206c
2385ccbfcff201384dd405fed6dfc8cf57dcb3bcf4d4038de40e35ecdbbd1622
23f58aa582f221d09e5424b6cd60976580f8e4abf833ab4aefff9dee1b7f9ed0
245330bb2587f51f01a2e2353add087706676210682d909a8d95828a9490d5e4
256fcf960dc092df85a2e91b16a08e5a826a62baea2791b6774a7edcd49258b8
26a2271edd977b180a0efc7e988db85d5256ba4a8c5e591847e8a307c8eb9fe1
26aebfaf6a663229c50be8d93ca36b79a7bd0d15e99115f4ada783ee91859da8
2979ccddcadef5ea16dcc234d478a06f5665d291f9d283fcae36658c71c0ffa4
2ae0d8cb1da6bba656e0cacc9d88a07d455f62e3c05d2420905a37bce9bb11ee
2d7a3c723919afb5e2eab003f470cf164362598bec3bd86d56a0c9bb708b24c3
2f46b25b89dce490111cc10bd307c9e8289431e7ca4a73db01e2fffd9425d5de
2f9128862212919617c760f1ad272fed65812e022977558953b44488410e0f18
315d60fd4fe987c98f4a7ac0f39d89103a096bd6247adb930060f9ba0c915be2
3211bfa262e89b39e2ea37612d9934a7e57b36c0bf83987316c296fbe9192ae9
3213c4649401f5b7d9563aa47a2ba3eda0ca9aa6965d5a1f64dfa0ffac87e3eb
32f773df8ddac2947d20c27048611674e1bd15ac90ff4e493e154a54b23cfd89
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34e1378a42c7969df4e785280bee2dd0eb10d810dca87a15c4912c56e9364a19
3543cd0e780c9215f04735ebbd29bcc24124eb26abeca31e9300a4e179fdd1fa
37a8b06eab08134f2037c797f4596c7688dd564a8395cb7e072577f371d8f993
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
3b4dce6c068a00b8298f12d1f4e719f2204778beb1140a078293b413ba7a63a9
3b7e628797088acbfbd09c7add29853879fe398f581bc7a86e0470afbf274116
3b82def7bcca62387492dd8c9cc3274e69712e93aa4e04a08e7eee70220dacdd
3c6b87bd79f2a4ae06f04395ee1695fe76d8d8d30d61dd01480f3d06f1db51da
3c7f91683fa3c54ba25059f4933d0baa50388be0b40052a2defe9b9f5317c5b4
419507ed6fab38d09381c5d837bf46af4ec060edef8385695db33402ce4499b6
4248cf156826a4e7b6c1ea1fdd76f16619e76f4af4703aa05ef016d9a0d8ad0e
434f70ea916709d4aa90578bb7cb9a30d4f22c5df53d4714b7104d259760116d
438a6578ed575e525d8cb95217dd546c6c92f942a2d6e20780a2671030f4cb9f
43f129322e3022a554ee9712b78af6080a3b04da6470daf1ce4e639cf6d8c8f3
443caf56e2ae77a62ab3575d872b687dabff182cc45246f02d6cfc1fba6a26a8
465aadacf0437f758793e23a81a537cd97384edb3701c034747abbfb373305ee
47d96b9a3ae9a22c13d9060e0f62c6dc3a3b465bca2fd22f99c4cca557e20225
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49341399c4801527cc40f534238ec5bfb28e4f88a219d094f0a9d339107d7f26
4a1d3bf6c1cec783f967068348e78974da3b79cdfae1746c01f7f9ad86ad9951
4a2ca740653b8abf682c201a3ee7fa2e8faa2184311716b23442f72f8cc0c001
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dbc0e17ae4fcadadbbb2da2867fdaca866c256e061bfc49b497d8d9b0f35a97
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e75f9e56f4504bebb463f9b320cad8aae6e22be43c76136861093fc13ecb8f5
4edc83ebfac780b6ad18548327dff57f5a44a033320d21ac93031cfdacf9ffa3
4fcc73d6ba6e3607f69257d600438a9caa70b64c608fbc8d903d9958ed5b5b2e
533bc73e189bf7816849794cbb70a601caa8a097ac4b941040ebc37e63f8aa63
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5524ab41c2429a1f3da5efc6aa095ed2ac657ad31be2ea2fea99f205f076620d
56981da1d6154f054910ac0aea204b4bfc0ac2d1bc15699e0cf6ebcfa59a5297
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
582278063c6f97f70b739bc1530060e16e176bb7b792ec5bd542d2083ed6b21c
5c4b751cbb0c0fbdabec0e7dc0c5d9f59bc13be9c7b8ffe03a51bec6065a03d9
5d9fae699e3213f46b6d2dc0ea7acba6d0937d5d8ad19a77d697fe92ad449f1e
5f1b607cc85335f8a543f36ec8e21f949ce78dcafe9b7b96d45733569654e7f3
6504c3522c7852e14a68d8b079444f5b822ff2f6d8d97eec1a85e53f9a981a6c
66531ea727f4f75828051417adcaefd6c57e9523ec78bf8cba78d23f746a459c
6709842573a8abca6a156b2ea216637124e110dc4b0cf12ece1b8e79f6c0e2b2
6a4a04dc1af2dcdf6e22f566e3bba28f4ced6ba9aa8e91b380fe5cfd01fe8fc7
6a5862cec71ec62c1d809d12c7919541d611156c4afe375bf8cf7b5ddd7e406d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6cb4ac8a7da47327a0b464590dabbfb9caef6933c9e15062dcdaa0a45519bbcc
6d157866400e2e50e077448f9cf06a9f29f70e031612ad6679d3626909a4c4e5
6f173fbde897c4b5e403c91d99bfc6d671efea799450ca3b11c0d1bcce2ddfc1
6f33adecfa8dacb04b161289c89b2930d80324d5d0baa1c0da86ed08b9c1ebda
6fa513f823cc936392314f3d7c03878d547d74e72a17f4a2fd5a3a0fb5fd93d9
712cbfabc07910fc426d055fa79fdbb9d20e2430cd881adbfc85464be8194bd9
716083d9db8f6da95cbb733abfd22189b1e33d5baa3626801ff5e1889666750c
759c844de76b39422ccd0e3e848bf8cd6bb97398affea1aa236c6976b4081a24
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313
77d55dea22ea3ee6f0f8aae7605bdce014554eff4f4cdf7a70e0a7134260ce42
79a1ff3db87facf2bfbbabb9e1f6078a4fc74e0765aeb409282bf6b31565c28b
7a6243879fd4b8aabea31d8a49d1b540adcd8c9ae36d5ca1853afc98a336effd
7aea9b507cc9d6ce2a4c55ab494df59d7d3cf41987d0031dde0bf1eeb8f97cff
7b05adbc63f53e0b19d0cf390b9e0a07272cb4c3b82bd8a4456e4bb30103a39b
7b2b44b88516279d6f084d53344efceb465eabb5bdb1a7d8601b1afe46efa80e
7d0cc09dd8efba5a5ba60d04fae178e09d4ea23778d475212719f3cc5fd14bda
7d4d6a10f83c87c7c9dd056786d1e84ca1d73133684adea7291ce1e9ca2fe43b
7ef5f8c42acdc6090f9296721db02d23ca969b022dff3061d857cc4ac9d519f8
7f0657baf493587ee21bf3e0cd64dc3b2ff0d6254f789c5d281f0c157e739ca1
7f1e84cbd9ebd48867830fb1153302bef634528d7fe061ea3aaeef44f0a5fca4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ad30ad3d868f3dbd6b0385dbf99c13a2f9b6da3232544127e0e9717754fc57
88c1f72aa4b0718ea9cbf306cc31dd877cbe74c84e8179be6f256f612ea24bc8
893ff22268e723441c5324f488c25de6dcb1833c153b0cdca1e252886e72eebb
8959553ed89b73e4b7b10b4a1ab1b49049b75b1ed98b61c4615a3e739e05a3e4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a60cbcbcdd7a3230a7a2b6ad96d69b9f9f0afc71e5f0e12376be5288ebeaadf
8a6dec881d50751f2d09e40136502a6abe953119d8f888e73e340ed6033239fe
8df15e729995f28af56812c6797376e30514d55c208813c59f6ba568fe4dbee9
8e1d670a9b0de4b0e0848acabed1cc085b84c44a266e47298e3027fcebb55d5d
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
915a7441690d36e41b2c9a1217fd700910961599dfed3d8d6c0895fbd451fb75
92a2c59af307ff18fe238afcd7a474bbfc83869a882ba3d6acf93a080a3ec401
936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960
94eb062f034d9c0a3631943344065bc2e07d520367312378b596f2b1f2a65109
963f94c4d798ef9cba1d464c6dc4715fabb93d0763fcdbf7bc5bf2363b060d6f
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
988eefdb48a44600d064051069f94e470460bce2d0e46be8b3b294bd77ca02cc
995b63dd19719c2f2c752f4673f421eccf3026c6e6a2b196ef66687aedc5c2ee
995cd37f7b4bbc5a240f8a81b2ed5ecece879580518a2e4105955d4ff19f44b0
99a95f298b353680d9a67619d07e05bbdb8d67e52e3bf4539821fbe427a75efe
9c64af091fb4c66e9c61db03216d6b7e9637b5661d5e97114e3e85d97a0c833b
9d480c9c3ac2d51566647fe6d10862fec574e10c95c9716a054640b6e62074c8
9fc1ebdd1d49741a4f0aeb25fafa46d73290cb1381aed455ff8d23b44570acc1
9fc628ea2de051392f6f0e6cb4791a3921dce4dcc7ed0d0c7bde4bbd6174aa39
a2c2cd50ca7b2b99c838b08546a3e7ac1eaac631ed6b8ac7a705ef828e1c50ce
a46e820d2220cc8294b904183ac41dacc46c53a4113586b6d7938fd5d43757c4
a485cf2e2ad894f4fc341698ef0b08942defb525185618f2825d2a7dcfd8dd77
a57809a9b7a6c669c9e46fdd422597558ed02b02fa75d0867bebfa4a8c95a781
a6a23b70f7cf81d20d838a12b8c95592f5fa6dec30aa03c56f536a4fbf797650
a849dac33da858570a9911d5ed8b8c40e8646a14fbff50ac9aaee9048beb9453
a866f2ddcfad45c62d3b375ed5d353751e4e166d0bd40dd53395cd9810ee2642
a99d6557fbed42726fbfcd3d832c8290ed026bfffaeff69c9acf7d29941b8ba4
aa95eb8757140f09d3424399b939ed3f10a20c45c6c52476c614c9bc375eb667
ac2feca4963ef256b5de3dc7f92cd215fe0c5aeb9b77c9326470fdbb52b66579
ae018541d932cf7f893a7a8045b1202cbc41e35097049506041a417d87162da3
b08fe7505355a43ec5990f3270a46855fc33088257fbb623a33f888a306972b0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2920fc18423a819a69ed51102a2a4b0cccd066e0c630678692815a6f7b717b8
b2df486de68077fc31340ba34ba4758c9bcad58c6f54e9c5ec82a1a13b9dfa46
b3de1212acd32858e1f9563fcc95aae2c394bbafeba3f008b9f33ff40f8f8a38
b46a3efd2e49807ceefabc2365d1923f9a52e49d346ff37780f4fc3577e9fcb2
b64d48b9209baf680024d2beab2d500039e613ede85c09bb5b8b40bf1ab222b6
b66d155fd52c1f2e15e817c9bc7909f6305b6522e5a47d38b52684787080f7d8
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b95d3646b2666e06064e5157e9087410eec1336de1668c87ee2d1de0e301b5c7
b97dfaba920ebcdf48e9e47b1dd031831cbb73fb9e885ef7a4af59bc9623a320
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb44c4cb430b9c92806843d8c70840217565fc3d6f74a47e4c0486f368b4ad25
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bd96247440bfe4919d5589866b065ccf4cc449c113085a4a26acdda29ffffe80
bdeda55981a57b53a56ddcc6cef9358e46d82a88f42ff41bc8191b52771d81ef
c04b42bbda9e38e518b4fdd45e2ebb94f9fcf7c8211223c45acd105f0d1b753b
c11659053985ce173aa03a89a59f2f12d420b5b091495c0d4dde0cd8d861190e
c8af6dec0b3007ddd916b16fe6f42d4b9404686dc6269f3ae8fae82bd151456d
c95930c32dad9532648824e1ea5921315ad7be2756329ab48932745d65829cc9
ca47b7a2aa24685bf578ba5336137dab83036a4d7cfdf6c9fe3cfeba626cc2e8
cae03aed2c650f2b7d32dd2a1a64630eb3a40484a6cbefcec300a5da2c93d4e7
cb6f68118b51eb89379519cbbc3526e741af47d7cec5b33622fb77c9be246494
cc163c04148fab47288854ba461ec9e3c213973513ad4167f7064716c12d2a99
cd66f006d9bf9f567d2724991f4e02f5597f4d6fad5a752bd138eaf3e5d8f989
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9b3937b122b2c960947ecd3ba443b93116241f9d703f6ada39a3bccdf59d99
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d2ab948a3355ade8261ceda8f2a3ced2a44229087cfaa4b58f96b7e923747231
d2edf6221e5035fe9721b536656a0454dcb0b9fc48ddb42c26ea4ff002f167bb
d57198bcebd98a277249e6e9321cd5aa58746ea1f0000449377aad5039a3b8f8
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d916e758724271e9bde68eb0f1a175f949b8d59772c0576df0bb968596f471ea
d93b3e0523a3044e8a26474cdce53e2de4a4c8ba1e72e090305037c37040e94f
da866393bb3ffb41ed94716e9857649423e6431535af052e7bf0283d3bb56ae4
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dbd21434a01bdc63075bfc9259c20b6a06b628267d25ee9683939ed2f088fffd
de4a51dbf7559be2bcbc6138bad7659dfd3cd09c3baa0d8c8354d70a5f0fd9c7
ded1f2a0b252bb9d3a8a84ff33f6231ac9d3536cfa19bd27c09672afd61cb65d
dfccd59823c28d55d7bff42c2a401b8f86ace283684a7949d90e0672364745be
e14d33ba8d1c8ff9db8eb5ee4375d4fc54a7143b33723f932f9f320daed58790
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50771a4bcfe1aaa347d70f10a6a12c88e6be6fde68dcc7988816782762fcfe4
e516bcf51aa9623e140f0dc321b4e58d619ff5eea946ad832c1f1f213929b792
e5c23c36b7fd933bf457831c06c6bd78b972f131cd7ae2f9fc2478020f4bb8a0
e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b
e87df7af2736769ae5a182fc99cffd6222c8a12ce2705949410d3f9d6753f75a
ea2a69582dba7d4e80c2388eb068093a9b517b7aab3c281639333e65695c3d88
ec84f32d1fcb430e07aef8fb7dd8910b8a65c94d5caad214983aa869b6ae70fb
ece19e848836af517d8bb5adab4da164ea70d1bd0d4c2f40d2a52ddd6e9adeda
ee707d2294be202b0f86143a82dacd424711ab254599c2b7e8dd7fd6de7d3bd4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4718e31cf0c8953a9e3c34246c3bb2c9ae9ce33ceb659ffa3bb2d238399a70
f0021d68103ea68726752e4b15a4575ff31339466f47d69811fd812da25c0658
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f2333d4e3ac730ff3547cc15aa86b6d764e4b7a1e8f80786aab40222efaa5d3f
f279f81ae0e7a8a707abc9bac4df8b11cd100c7611e4c5822b27a73d56260a96
f29801f4781f3c9f988125bc457f2d398ca7baa614c1ae1d93df6380a6b38405
f3072dc869a6e27098d1eb6ca54cddc752e0af85f94c58b38ec89accfb6dd2f8
f39e06c612ea39f12df39da5ffe79a7437c38ea97aa8cf37ccbee5198eaede3d
f46c1a968e9e532345da24d5fefb386ae911a1ea50e44338715259f9fcf1ece5
f48a757b9db644d77b35d580148ace016613caed08c87f512e045b68c862c228
f4e2181331f2b99c560c5c453f3c8cabd47889db51cf1a5f421838f650df6658
f580468cb36a20898996416bd21674c7f0a2d3da8cdf027fce4c68d790a998bc
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5c770cefd3e597957ab698d1318fa8d96412fdc8570980ba57351cd0b427408
f741a670221f7d93b17f9c344a0e36537ff670c414bec159086e8f566c6997bd
fa31eec2e9b84384d3fc2ad5181243a818e301d542f3500ead207d8f600f790e
fb319d26019b544217d85f9670fc7fabd7a34c263ecf6ee3229ed79db2110cbb
fbcaad7677c68b21da82107a3c43519a90f53913fc70caa872f964b3cd1a410f
fbcadc50fa4ac76ebceea52b5afee2223a3cbd73c25cdd581492074df794dfc3
fc201d00042cdb49c958f6e076b241204eaf30111ffd01b6a330d494ea6e6600
fe060df81345c3598fb1067860468455383f759ea6d8747413ee42b8af06885e
fe5d09013cdf89dd17c511c908bee2628e4c0f9b4550f802fdb1fd5086999c8d
feabd2d3082a3072973a74ea19203eb66256913be1fe21e6dc1f04cf5a1eb09b
fefffe936cdae6d115237d35676966c9cd7c8db55a8259decb363851c4b69865