urlscan.io logo urlscan.io
SecurityTrails logo

simcast.com Open in urlscan Pro
45.79.244.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tryyourfirst.icu/
Effective URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Submission: On November 13 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 181 IPs in 10 countries across 169 domains to perform 667 HTTP transactions. The main IP is 45.79.244.12, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is simcast.com. The Cisco Umbrella rank of the primary domain is 245279.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 13th 2022. Valid for: a year.
This is the only time simcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 72.52.179.174 32244 (LIQUIDWEB)
11 45.79.244.12 63949 (LINODE-AP...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
20 2607:f8b0:400... 15169 (GOOGLE)
1 2600:3c02::f0... 63949 (LINODE-AP...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
3 34.230.93.42 14618 (AMAZON-AES)
24 2600:1400:d::... 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
10 2607:f8b0:400... 15169 (GOOGLE)
1 23.221.200.33 16625 (AKAMAI-AS)
3 23.192.30.145 16625 (AKAMAI-AS)
8 2607:f8b0:400... 15169 (GOOGLE)
24 3.92.156.8 14618 (AMAZON-AES)
1 68.67.153.61 29990 (ASN-APPNEX)
1 2606:ae80:145... 26762 (CNVR-US-EAST)
1 35.211.165.199 15169 (GOOGLE)
4 104.18.18.126 13335 (CLOUDFLAR...)
4 5 35.169.31.254 14618 (AMAZON-AES)
1 169.63.109.126 36351 (SOFTLAYER)
4 9 68.67.160.117 29990 (ASN-APPNEX)
2 4 51.222.239.230 16276 (OVH)
1 145.40.89.200 54825 (PACKET)
1 2620:100:a001... 19750 (AS-CRITEO)
1 34.107.148.139 396982 (GOOGLE-CL...)
8 34.226.169.111 14618 (AMAZON-AES)
1 34.149.50.64 15169 (GOOGLE)
1 2a06:8640:454::2 55081 (24SHELLS)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 104.18.13.76 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
12 18.164.124.24 16509 (AMAZON-02)
1 2600:9000:220... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
13 54.164.239.233 14618 (AMAZON-AES)
1 3 143.204.144.76 16509 (AMAZON-02)
1 2600:9000:210... 16509 (AMAZON-02)
1 34.120.155.137 396982 (GOOGLE-CL...)
6 13 52.223.40.198 16509 (AMAZON-02)
1 34.202.126.101 14618 (AMAZON-AES)
3 34.200.185.2 14618 (AMAZON-AES)
1 108.138.106.33 16509 (AMAZON-02)
1 104.18.12.242 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 104.18.19.126 13335 (CLOUDFLAR...)
1 104.18.9.110 13335 (CLOUDFLAR...)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 3.226.186.45 14618 (AMAZON-AES)
1 3.89.34.248 14618 (AMAZON-AES)
1 192.35.249.143 11742 (SPOTX-IAD)
1 108.139.50.211 16509 (AMAZON-02)
1 104.64.59.24 16625 (AKAMAI-AS)
23 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
12 2620:100:a001::4 19750 (AS-CRITEO)
1 2404:6800:400... 15169 (GOOGLE)
1 108.139.47.67 16509 (AMAZON-02)
2 184.87.165.166 16625 (AKAMAI-AS)
2 4 2620:100:a001::c 19750 (AS-CRITEO)
3 74.119.119.139 19750 (AS-CRITEO)
19 24 162.19.138.120 16276 (OVH)
1 54.156.207.182 14618 (AMAZON-AES)
1 3.223.138.69 14618 (AMAZON-AES)
2 5 142.250.176.198 15169 (GOOGLE)
1 35.164.244.115 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 108.138.128.28 16509 (AMAZON-02)
1 3.22.200.52 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
6 67.226.210.222 26120 (RHYTHMONE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2620:100:a001::3 19750 (AS-CRITEO)
1 2620:100:a001... 19750 (AS-CRITEO)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 141.95.98.65 16276 (OVH)
1 1 38.67.14.224 174 (COGENT-174)
11 36 142.250.72.98 15169 (GOOGLE)
2 2 104.45.178.220 8075 (MICROSOFT...)
4 4 185.167.164.49 198622 (ADFORM)
1 1 31.220.27.155 39572 (ADVANCEDH...)
4 4 35.207.24.140 15169 (GOOGLE)
2 6 3.218.90.66 14618 (AMAZON-AES)
1 74.119.119.147 19750 (AS-CRITEO)
3 13 2620:112:f002... 6336 (TURN-US-ASN)
9 79 199.127.204.142 26120 (RHYTHMONE)
3 2620:100:a001::a 19750 (AS-CRITEO)
2 2620:100:a001... 19750 (AS-CRITEO)
1 142.250.80.34 15169 (GOOGLE)
3 142.251.41.2 15169 (GOOGLE)
1 1 199.250.166.129 26459 (TTD-ASN-01)
3 7 108.138.106.43 16509 (AMAZON-02)
4 54.230.163.71 16509 (AMAZON-02)
2 184.87.165.153 16625 (AKAMAI-AS)
2 143.204.146.46 16509 (AMAZON-02)
4 2600:141b:f00... 20940 (AKAMAI-ASN1)
2 202.241.208.53 4694 (IDCF IDC ...)
2 34.249.73.217 16509 (AMAZON-02)
2 44.232.191.58 16509 (AMAZON-02)
2 54.80.21.143 14618 (AMAZON-AES)
3 5 96.46.183.20 7979 (SERVERS-COM)
2 8.2.111.121 46636 (NATCOWEB)
2 172.98.26.246 399668 (E-PLANNING-)
2 54.87.127.173 14618 (AMAZON-AES)
3 63.251.28.234 26558 (FREEWHEEL)
4 172.66.42.247 13335 (CLOUDFLAR...)
4 34.232.147.170 14618 (AMAZON-AES)
2 146.20.132.147 27357 (RACKSPACE)
2 2606:4700:1::... 13335 (CLOUDFLAR...)
8 174.137.133.32 27257 (WEBAIR-IN...)
2 4 8.28.7.83 62713 (AS-PUBMATIC)
2 4 198.148.27.140 19189 (PULSEPOINT)
11 23.227.139.243 55081 (24SHELLS)
3 10 52.46.151.131 16509 (AMAZON-02)
10 34.226.8.71 14618 (AMAZON-AES)
2 34.195.22.183 14618 (AMAZON-AES)
2 8.2.108.194 46636 (NATCOWEB)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 52.59.84.54 16509 (AMAZON-02)
2 52.206.71.0 14618 (AMAZON-AES)
2 3 8.2.110.134 46636 (NATCOWEB)
1 2 63.251.86.49 10913 (INTERNAP-BLK)
4 146.190.223.83 14061 (DIGITALOC...)
2 107.21.7.4 14618 (AMAZON-AES)
2 3.218.237.248 14618 (AMAZON-AES)
3 70.42.32.95 22075 (AS-OUTBRAIN)
2 54.205.113.20 14618 (AMAZON-AES)
2 4 147.75.198.217 54825 (PACKET)
2 151.139.128.10 20446 (STACKPATH...)
2 23.23.180.179 14618 (AMAZON-AES)
2 18.233.53.168 14618 (AMAZON-AES)
2 129.159.70.95 31898 (ORACLE-BM...)
2 4 2a04:4e42:200... 54113 (FASTLY)
2 35.221.57.18 396982 (GOOGLE-CL...)
2 167.172.154.244 14061 (DIGITALOC...)
2 144.126.248.223 14061 (DIGITALOC...)
1 1 51.81.11.180 16276 (OVH)
2 174.129.179.166 14618 (AMAZON-AES)
6 12 69.173.151.100 26667 (RUBICONPR...)
3 35.173.157.165 14618 (AMAZON-AES)
6 6 2600:9000:220... 16509 (AMAZON-02)
3 199.187.193.192 47043 (SMARTADSE...)
2 104.22.68.131 13335 (CLOUDFLAR...)
1 3 69.166.1.10 27630 (AS-XFERNET)
2 52.5.12.27 14618 (AMAZON-AES)
4 8 63.251.114.136 32475 (SINGLEHOP...)
2 5 192.35.249.138 11742 (SPOTX-IAD)
2 141.226.224.48 200478 (TABOOLA-AS)
1 3 2600:1f18:612... 14618 (AMAZON-AES)
1 4 35.71.139.29 16509 (AMAZON-02)
2 68.71.249.118 20093 (ZEROLAG)
2 2 69.90.254.78 13768 (COGECO-PEER1)
2 2 204.62.13.72 46636 (NATCOWEB)
2 18.164.116.23 16509 (AMAZON-02)
7 7 52.44.138.18 14618 (AMAZON-AES)
14 15 35.211.178.172 19527 (GOOGLE-2)
1 1 34.204.153.137 14618 (AMAZON-AES)
2 2 192.132.33.46 18568 (BIDTELLECT)
4 4 207.198.113.203 13768 (COGECO-PEER1)
2 2 3.213.189.24 14618 (AMAZON-AES)
11 15 107.178.246.49 15169 (GOOGLE)
4 4 2606:ae80:147... 26762 (CNVR-US-EAST)
2 2 151.101.193.44 54113 (FASTLY)
2 2 35.186.193.173 15169 (GOOGLE)
2 38.91.45.7 398989 (DEEPINTENT)
4 4 135.148.35.198 16276 (OVH)
4 4 18.214.193.123 14618 (AMAZON-AES)
2 2 74.121.140.14 30419 (MEDIAMATH...)
4 4 54.160.14.168 14618 (AMAZON-AES)
5 6 34.98.64.218 396982 (GOOGLE-CL...)
4 4 64.74.236.191 22075 (AS-OUTBRAIN)
2 5 23.195.100.217 16625 (AKAMAI-AS)
4 4 23.36.85.188 16625 (AKAMAI-AS)
4 4 8.28.7.82 62713 (AS-PUBMATIC)
2 2 104.36.115.109 62713 (AS-PUBMATIC)
2 2 2620:116:800b... 27281 (QUANTCAST)
2 2 51.222.105.60 16276 (OVH)
2 2 54.85.209.208 14618 (AMAZON-AES)
2 5 2620:112:f002... 6336 (TURN-US-ASN)
2 18.164.96.81 16509 (AMAZON-02)
4 4 2600:1f18:4e9... 14618 (AMAZON-AES)
3 3 199.38.167.130 54312 (ROCKETFUEL)
2 4 54.148.144.255 16509 (AMAZON-02)
2 2600:1f14:426... 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 4 3.230.62.22 14618 (AMAZON-AES)
2 34.193.160.212 14618 (AMAZON-AES)
3 6 35.190.60.146 15169 (GOOGLE)
2 3 107.178.254.65 15169 (GOOGLE)
2 2 104.18.98.194 13335 (CLOUDFLAR...)
2 34.229.3.43 14618 (AMAZON-AES)
4 4 68.67.181.211 29990 (ASN-APPNEX)
1 1 99.83.190.102 16509 (AMAZON-02)
1 52.55.54.43 14618 (AMAZON-AES)
1 1 23.235.251.213 19437 (SS-ASH)
8 8 2600:1f18:1c9... 14618 (AMAZON-AES)
2 104.16.109.154 13335 (CLOUDFLAR...)
1 1 3.226.20.33 14618 (AMAZON-AES)
1 1 52.5.99.161 14618 (AMAZON-AES)
2 2 104.36.115.113 62713 (AS-PUBMATIC)
1 2600:1f16:e61... 16509 (AMAZON-02)
1 3 192.40.39.223 27381 (CASALE-MEDIA)
2 34.232.208.82 14618 (AMAZON-AES)
1 23.221.200.79 16625 (AKAMAI-AS)
1 35.190.113.31 15169 (GOOGLE)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 104.64.77.76 16625 (AKAMAI-AS)
4 204.154.110.86 36062 (DOUBLE-VE...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 135.125.160.77 16276 (OVH)
2 2 3.93.88.22 14618 (AMAZON-AES)
2 2 20.127.253.7 8075 (MICROSOFT...)
1 54.175.149.48 14618 (AMAZON-AES)
2 23.192.31.127 16625 (AKAMAI-AS)
1 52.95.125.22 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 54.85.21.126 14618 (AMAZON-AES)
1 184.87.164.21 16625 (AKAMAI-AS)
667 181
2    72.52.179.174 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
tryyourfirst.icu
11    45.79.244.12 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-12.atlanta.nodebalancer.linode.com
simcast.com
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2606:4700:3030::6815:631 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adapex.io
20    2607:f8b0:4006:808::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:3c02::f03c:91ff:fee2:5b0f (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
parking2.parklogic.com
5    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    34.230.93.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-93-42.compute-1.amazonaws.com
embed.sendtonews.com
24    2600:1400:d::173c:60b0 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
img-s-msn-com.akamaized.net
1    2607:f8b0:4006:81e::2008 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper
cat.hbwrapper.com
1    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
10    2607:f8b0:4006:80f::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    23.221.200.33 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-200-33.deploy.static.akamaitechnologies.com
a.teads.tv
3    23.192.30.145 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-30-145.deploy.static.akamaitechnologies.com
at.teads.tv
sync.teads.tv
8    2607:f8b0:4006:81c::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
24    3.92.156.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-8.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
1    68.67.153.61 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.nym2.adnexus.net
prebid.adnxs.com
1    2606:ae80:1451:21::500 (United States)

ASN26762 (CNVR-US-EAST, US)
web.hb.ad.cpe.dotomi.com
1    35.211.165.199 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 199.165.211.35.bc.googleusercontent.com
grid.bidswitch.net
4    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
5    35.169.31.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-31-254.compute-1.amazonaws.com
ad.360yield.com
ice.360yield.com
1    169.63.109.126 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 7e.6d.3fa9.ip4.static.sl-reverse.com
in-appadvertising.com
9    68.67.160.117 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
4    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
1    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
8    34.226.169.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-169-111.compute-1.amazonaws.com
btlr.sharethrough.com
1    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    2a06:8640:454::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
2    2607:f8b0:4006:80e::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:80d::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
3    2607:f8b0:4006:809::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
3    2607:f8b0:4006:80b::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    18.164.124.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-24.jfk50.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
1    2600:9000:2209:4e00:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
3    2607:f8b0:4006:824::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
13    54.164.239.233 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-239-233.compute-1.amazonaws.com
s2l.sendtonews.com
3    143.204.144.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-144-76.ewr52.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:210b:c200:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)
d3div1mtym39ic.cloudfront.net
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
13    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
1    34.202.126.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-126-101.compute-1.amazonaws.com
id.sv.rkdms.com
3    34.200.185.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-185-2.compute-1.amazonaws.com
timber.sendtonews.com
1    108.138.106.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-33.jfk50.r.cloudfront.net
player.sendtonews.com
1    104.18.12.242 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
3    2607:f8b0:4006:81d::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:80f::2006 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
dsum.casalemedia.com
1    104.18.9.110 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ds.reson8.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    3.226.186.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-186-45.compute-1.amazonaws.com
tlx.3lift.com
1    3.89.34.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-34-248.compute-1.amazonaws.com
prebid-server.rubiconproject.com
1    192.35.249.143 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
search.spotxchange.com
1    108.139.50.211 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-50-211.jfk50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    104.64.59.24 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-59-24.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
23    2607:f8b0:4006:80e::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
7    2607:f8b0:4006:81f::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
5    2607:f8b0:4006:80b::2004 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.google.com
12    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    2404:6800:4009:81f::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    108.139.47.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-67.jfk50.r.cloudfront.net
choices.trustarc.com
2    184.87.165.166 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-165-166.deploy.static.akamaitechnologies.com
svastx.moatads.com
z.moatads.com
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
24    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
1    54.156.207.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-207-182.compute-1.amazonaws.com
idx.liadm.com
1    3.223.138.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-138-69.compute-1.amazonaws.com
id.crwdcntrl.net
5    142.250.176.198 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f6.1e100.net
ad.doubleclick.net
1    35.164.244.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-244-115.us-west-2.compute.amazonaws.com
id.sharedid.org
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    3.22.200.52 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-22-200-52.us-east-2.compute.amazonaws.com
prod.uidapi.com
5    2607:f8b0:4006:823::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
6    67.226.210.222 (United States)

ASN26120 (RHYTHMONE, US)
a-iad2.1rx.io
3    2607:f8b0:4006:824::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)
rtb.va.us.criteo.com
1    2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
1    2607:f8b0:4006:820::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2607:f8b0:4009:1e::7 (Naperville, United States)

ASN15169 (GOOGLE, US)
r2---sn-vgqsrnz7.c.2mdn.net
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    38.67.14.224 (Jacksonville, United States)

ASN174 (COGENT-174, US)
aep.mxptint.net
36    142.250.72.98 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
cm.g.doubleclick.net
2    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
4    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
6    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
1    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
13    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
presentation-atl1.turn.com
ad.turn.com
r.turn.com
79    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
usermatch.targeting.unrulymedia.com
3    2620:100:a001::a (United States)

ASN19750 (AS-CRITEO, US)
pix.us.criteo.net
2    2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
1    142.250.80.34 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
googleads4.g.doubleclick.net
3    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
ade.googlesyndication.com
1    199.250.166.129 (United States)

ASN26459 (TTD-ASN-01, US)
vae-bid.adsrvr.org
7    108.138.106.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-43.jfk50.r.cloudfront.net
sb.scorecardresearch.com
4    54.230.163.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-71.ewr53.r.cloudfront.net
tagan.adlightning.com
2    184.87.165.153 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-165-153.deploy.static.akamaitechnologies.com
img.turncdn.com
2    143.204.146.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-46.ewr52.r.cloudfront.net
choices.truste.com
4    2600:141b:f000:3f::1731:fbda (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
2    202.241.208.53 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    34.249.73.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-73-217.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
2    44.232.191.58 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-232-191-58.us-west-2.compute.amazonaws.com
ads.altitude-arena.com
2    54.80.21.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-21-143.compute-1.amazonaws.com
sync.bfmio.com
5    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    8.2.111.121 (United States)

ASN46636 (NATCOWEB, US)
sync.colossusssp.com
2    172.98.26.246 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
sync.e-planning.net
2    54.87.127.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-127-173.compute-1.amazonaws.com
usersync.gumgum.com
3    63.251.28.234 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
4    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
router.infolinks.com
4    34.232.147.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-147-170.compute-1.amazonaws.com
cs.yellowblue.io
2    146.20.132.147 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
2    2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
8    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
4    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
11    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.sync.viewdeos.com
sync.adtelligent.com
sync.spotim.market
10    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
10    34.226.8.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-8-71.compute-1.amazonaws.com
sync.aniview.com
2    34.195.22.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-22-183.compute-1.amazonaws.com
ads.servenobid.com
2    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
2    2606:4700:10::6816:53d (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
2    52.59.84.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-84-54.eu-central-1.compute.amazonaws.com
match.justpremium.com
2    52.206.71.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-71-0.compute-1.amazonaws.com
crb.kargo.com
3    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
2    63.251.86.49 (Rhoadesville, United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
4    146.190.223.83 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
openrtb.cootlogix.com
2    107.21.7.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-7-4.compute-1.amazonaws.com
exchange.mediavine.com
2    3.218.237.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-237-248.compute-1.amazonaws.com
jadserve.postrelease.com
3    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    54.205.113.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-113-20.compute-1.amazonaws.com
usersync.getpublica.com
4    147.75.198.217 (United States)

ASN54825 (PACKET, US)
PTR: sync-1
sync.pubwise.io
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
pixel.servebom.com
2    23.23.180.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-180-179.compute-1.amazonaws.com
cs.minutemedia-prebid.com
2    18.233.53.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-53-168.compute-1.amazonaws.com
sync.springserve.com
2    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
4    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    35.221.57.18 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 18.57.221.35.bc.googleusercontent.com
ssp.api.tappx.com
2    167.172.154.244 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.cootlogix.com
2    144.126.248.223 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
x.videobyte.com
1    51.81.11.180 (Warrenton, United States)

ASN16276 (OVH, FR)
PTR: ns107026.ip-51-81-11.us
tracker.ortb.vuukle.com
2    174.129.179.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-179-166.compute-1.amazonaws.com
ads.yieldmo.com
12    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    35.173.157.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-157-165.compute-1.amazonaws.com
match.sharethrough.com
6    2600:9000:2209:7e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    199.187.193.192 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
2    104.22.68.131 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
3    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    52.5.12.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-12-27.compute-1.amazonaws.com
c.deployads.com
8    63.251.114.136 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
5    192.35.249.138 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
2    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
3    2600:1f18:612b:4232:6c23:5a2c:6d97:91e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
google.partners.tremorhub.com
4    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    68.71.249.118 (Toronto, Canada)

ASN20093 (ZEROLAG, US)
udmserve.net
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
2    18.164.116.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-23.jfk50.r.cloudfront.net
public.servenobid.com
7    52.44.138.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-138-18.compute-1.amazonaws.com
match.prod.bidr.io
15    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    34.204.153.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-153-137.compute-1.amazonaws.com
rtb.adstanding.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
4    207.198.113.203 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    3.213.189.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-189-24.compute-1.amazonaws.com
sync.crwdcntrl.net
15    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
4    2606:ae80:1471:17::1050 (United States)

ASN26762 (CNVR-US-EAST, US)
unruly-match.dotomi.com
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
4    135.148.35.198 (United States)

ASN16276 (OVH, FR)
PTR: ns1015826.ip-135-148-35.us
gu.dyntrk.com
4    18.214.193.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-193-123.compute-1.amazonaws.com
cs.emxdgt.com
2    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    54.160.14.168 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-14-168.compute-1.amazonaws.com
pm.w55c.net
6    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
4    64.74.236.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
5    23.195.100.217 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-100-217.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
x.dlx.addthis.com
4    23.36.85.188 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-85-188.deploy.static.akamaitechnologies.com
px.owneriq.net
4    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN27281 (QUANTCAST, US)
cms.quantserve.com
2    51.222.105.60 (Canada)

ASN16276 (OVH, FR)
PTR: ns576843.ip-51-222-105.net
sync2.resetdigital.co
2    54.85.209.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-209-208.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
2    18.164.96.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-81.jfk50.r.cloudfront.net
usr.undertone.com
4    2600:1f18:4e9:5a07:9547:efa7:eb91:ca4b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    54.148.144.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-144-255.us-west-2.compute.amazonaws.com
dpm.demdex.net
2    2600:1f14:426:3f00:31cb:9e4b:85a9:ab59 (Boardman, United States)

ASN16509 (AMAZON-02, US)
ids.ad.gt
2    2606:4700:4400::ac40:9602 (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
4    3.230.62.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-62-22.compute-1.amazonaws.com
ps.eyeota.net
2    34.193.160.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-160-212.compute-1.amazonaws.com
beacon.krxd.net
6    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
3    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    104.18.98.194 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadm.exelator.com
4    68.67.181.211 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    99.83.190.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: aacb0a264e514dd48.awsglobalaccelerator.com
getpublica.com
1    52.55.54.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-54-43.compute-1.amazonaws.com
www.getpublica.com
1    23.235.251.213 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
8    2600:1f18:1c96:4102:e542:da3a:83ed:5fa3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.tidaltv.com
2    104.16.109.154 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
1    3.226.20.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-20-33.compute-1.amazonaws.com
rtb.gumgum.com
1    52.5.99.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-99-161.compute-1.amazonaws.com
sync.ipredictive.com
2    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2600:1f16:e61:3f02:77d9:b48f:f0d0:e412 (Columbus, United States)

ASN16509 (AMAZON-02, US)
dsp.v.fwmrm.net
3    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    34.232.208.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-208-82.compute-1.amazonaws.com
bpi.rtactivate.com
1    23.221.200.79 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-200-79.deploy.static.akamaitechnologies.com
contextual.media.net
1    35.190.113.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.113.190.35.bc.googleusercontent.com
atemda.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
1    104.64.77.76 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-77-76.deploy.static.akamaitechnologies.com
ad.yieldlab.net
4    204.154.110.86 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-phlb116.doubleverify.com
tps.doubleverify.com
tpsc-nyc.doubleverify.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
c.eu1.dyntrk.com
2    3.93.88.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-88-22.compute-1.amazonaws.com
cc.adingo.jp
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    54.175.149.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-149-48.compute-1.amazonaws.com
choices-or.trustarc.com
2    23.192.31.127 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    54.85.21.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-21-126.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    184.87.164.21 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-164-21.deploy.static.akamaitechnologies.com
cs.media.net
Apex Domain
Subdomains		 Transfer
81 1rx.io
a-iad2.1rx.io — Cisco Umbrella Rank: 10537
sync.1rx.io — Cisco Umbrella Rank: 519
71 KB
67 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
pubads.g.doubleclick.net — Cisco Umbrella Rank: 430
ad.doubleclick.net — Cisco Umbrella Rank: 173
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294
240 KB
46 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 275
422 KB
33 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 814
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
7 KB
25 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 479
cdn.id5-sync.com — Cisco Umbrella Rank: 1084
51 KB
24 akamaized.net
img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 344
289 KB
20 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 11815
s2l.sendtonews.com — Cisco Umbrella Rank: 12525
timber.sendtonews.com — Cisco Umbrella Rank: 12838
player.sendtonews.com — Cisco Umbrella Rank: 13084
213 KB
18 turn.com
presentation-atl1.turn.com — Cisco Umbrella Rank: 5841
ad.turn.com — Cisco Umbrella Rank: 708
d.turn.com — Cisco Umbrella Rank: 1098
r.turn.com — Cisco Umbrella Rank: 3470
18 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
pix.us.criteo.net — Cisco Umbrella Rank: 2236
csm.us.criteo.net — Cisco Umbrella Rank: 2245
164 KB
16 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 899
x.bidswitch.net — Cisco Umbrella Rank: 281
8 KB
15 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 400
2 KB
15 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 922
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
eus.rubiconproject.com — Cisco Umbrella Rank: 541
token.rubiconproject.com — Cisco Umbrella Rank: 544
19 KB
15 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 290
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915
12 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
insight.adsrvr.org — Cisco Umbrella Rank: 573
vae-bid.adsrvr.org — Cisco Umbrella Rank: 1679
48 KB
14 cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d15kdpgjg3unno.cloudfront.net
d3div1mtym39ic.cloudfront.net
1006 KB
14 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 1450
ib.adnxs.com — Cisco Umbrella Rank: 209
secure.adnxs.com — Cisco Umbrella Rank: 426
14 KB
13 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
simage2.pubmatic.com — Cisco Umbrella Rank: 671
image8.pubmatic.com — Cisco Umbrella Rank: 561
image2.pubmatic.com — Cisco Umbrella Rank: 882
image6.pubmatic.com — Cisco Umbrella Rank: 662
3 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 691
gum.criteo.com — Cisco Umbrella Rank: 390
mug.criteo.com — Cisco Umbrella Rank: 2725
rtb.va.us.criteo.com — Cisco Umbrella Rank: 4990
ads.us.criteo.com — Cisco Umbrella Rank: 2205
cat.va.us.criteo.com — Cisco Umbrella Rank: 2584
dis.eu.criteo.com — Cisco Umbrella Rank: 6061
57 KB
11 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 961
match.sharethrough.com — Cisco Umbrella Rank: 498
3 KB
11 simcast.com
simcast.com — Cisco Umbrella Rank: 245279
123 KB
10 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
ce.lijit.com — Cisco Umbrella Rank: 862
8 KB
10 aniview.com
sync.aniview.com — Cisco Umbrella Rank: 2221
1 KB
9 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 491
as-sec.casalemedia.com — Cisco Umbrella Rank: 1339
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
dsum.casalemedia.com — Cisco Umbrella Rank: 1372
5 KB
8 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1315
3 KB
8 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 636
sync.taboola.com — Cisco Umbrella Rank: 938
match.taboola.com — Cisco Umbrella Rank: 4200
2 KB
8 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1426
1000 B
8 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 448
tps.doubleverify.com — Cisco Umbrella Rank: 457
tpsc-nyc.doubleverify.com
219 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 465
2 KB
7 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 146
3 KB
7 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 762
id.rlcdn.com — Cisco Umbrella Rank: 540
idsync.rlcdn.com — Cisco Umbrella Rank: 321
1 KB
6 openx.net
u.openx.net — Cisco Umbrella Rank: 656
us-u.openx.net — Cisco Umbrella Rank: 407
722 B
6 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 924
c.eu1.dyntrk.com — Cisco Umbrella Rank: 5092
4 KB
6 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 661
3 KB
6 cootlogix.com
openrtb.cootlogix.com — Cisco Umbrella Rank: 3824
sync.cootlogix.com — Cisco Umbrella Rank: 6972
5 KB
6 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 496
sync.search.spotxchange.com — Cisco Umbrella Rank: 557
3 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
imasdk.googleapis.com — Cisco Umbrella Rank: 413
366 KB
6 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6055
sync.adtelligent.com — Cisco Umbrella Rank: 4017
3 KB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 201
cloudflare.com — Cisco Umbrella Rank: 123
34 KB
5 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1902
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 353
109 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 554
eb2.3lift.com — Cisco Umbrella Rank: 339
2 KB
5 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 645
ice.360yield.com — Cisco Umbrella Rank: 1886
2 KB
5 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1891
unruly-match.dotomi.com — Cisco Umbrella Rank: 8913
1 KB
4 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 926
2 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
3 KB
4 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 913
3 KB
4 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 480
tags.bluekai.com — Cisco Umbrella Rank: 508
2 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 531
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
3 KB
4 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 942
679 B
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 559
3 KB
4 pubwise.io
sync.pubwise.io — Cisco Umbrella Rank: 11511
732 B
4 getpublica.com
usersync.getpublica.com — Cisco Umbrella Rank: 2803
getpublica.com — Cisco Umbrella Rank: 2645
www.getpublica.com — Cisco Umbrella Rank: 47290
548 B
4 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1592
public.servenobid.com — Cisco Umbrella Rank: 3158
724 B
4 viewdeos.com
sync.sync.viewdeos.com — Cisco Umbrella Rank: 11967
2 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 510
2 KB
4 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 4958
1 KB
4 infolinks.com
router.infolinks.com — Cisco Umbrella Rank: 2500
1020 B
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1004
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 2723
1 KB
4 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1673
89 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 865
1 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 582
2 KB
4 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3496
sync.inmobi.com — Cisco Umbrella Rank: 1763
2 KB
4 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1433
tags.crwdcntrl.net — Cisco Umbrella Rank: 984
sync.crwdcntrl.net — Cisco Umbrella Rank: 714
11 KB
4 gstatic.com
fonts.gstatic.com
csi.gstatic.com
170 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
2 KB
4 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1371
at.teads.tv — Cisco Umbrella Rank: 4729
sync.teads.tv — Cisco Umbrella Rank: 1226
4 KB
3 pippio.com
pippio.com — Cisco Umbrella Rank: 668
672 B
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 695
2 KB
3 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1057
google.partners.tremorhub.com — Cisco Umbrella Rank: 9154
1 KB
3 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 857
2 KB
3 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 607
2 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 774
598 B
3 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 5153
2 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 679
2 KB
3 gumgum.com
usersync.gumgum.com — Cisco Umbrella Rank: 1898
rtb.gumgum.com — Cisco Umbrella Rank: 1292
776 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
142 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
gcdn.2mdn.net — Cisco Umbrella Rank: 906
r2---sn-vgqsrnz7.c.2mdn.net — Cisco Umbrella Rank: 74542
1 MB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1201
contextual.media.net — Cisco Umbrella Rank: 535
cs.media.net — Cisco Umbrella Rank: 1349
8 KB
2 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3567
831 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 745
s.tribalfusion.com — Cisco Umbrella Rank: 1840
1 KB
2 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1668
217 B
2 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 1912
626 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1388
248 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 471
478 B
2 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 530
674 B
2 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1653
782 B
2 ad.gt
ids.ad.gt — Cisco Umbrella Rank: 3441
868 B
2 undertone.com
usr.undertone.com — Cisco Umbrella Rank: 3930
939 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 665
1 KB
2 resetdigital.co
sync2.resetdigital.co — Cisco Umbrella Rank: 4671
894 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 615
980 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 801
373 B
2 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 3066
437 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 682
661 B
2 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2481
962 B
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1195
1 KB
2 udmserve.net
udmserve.net — Cisco Umbrella Rank: 2856
396 B
2 deployads.com
c.deployads.com — Cisco Umbrella Rank: 8609
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 618
930 B
2 videobyte.com
x.videobyte.com — Cisco Umbrella Rank: 4618
379 B
2 tappx.com
ssp.api.tappx.com — Cisco Umbrella Rank: 4777
738 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1152
1 KB
2 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 3330
411 B
2 minutemedia-prebid.com
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 5293
627 B
2 servebom.com
pixel.servebom.com — Cisco Umbrella Rank: 9619
489 B
2 spotim.market
sync.spotim.market — Cisco Umbrella Rank: 2114
814 B
2 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 967
1 KB
2 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1179
371 B
2 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1619
1008 B
2 justpremium.com
match.justpremium.com — Cisco Umbrella Rank: 3718
649 B
2 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 8304
155 B
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4787
864 B
2 mgid.com
cm.mgid.com — Cisco Umbrella Rank: 1253
638 B
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 2663
1 KB
2 e-planning.net
sync.e-planning.net — Cisco Umbrella Rank: 4747
207 B
2 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1862
352 B
2 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1532
864 B
2 altitude-arena.com
ads.altitude-arena.com — Cisco Umbrella Rank: 6514
374 B
2 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2749
794 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 883
2 KB
2 truste.com
choices.truste.com — Cisco Umbrella Rank: 704
20 KB
2 turncdn.com
img.turncdn.com — Cisco Umbrella Rank: 15650
54 KB
2 moatads.com
svastx.moatads.com — Cisco Umbrella Rank: 2171
z.moatads.com — Cisco Umbrella Rank: 406
141 KB
2 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 705
choices-or.trustarc.com — Cisco Umbrella Rank: 3777
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
2 smilewanted.com
prebid.smilewanted.com Failed
csync.smilewanted.com — Cisco Umbrella Rank: 3580
386 B
2 tryyourfirst.icu
tryyourfirst.icu
3 KB
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1406
613 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
570 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 3970
522 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1218
298 B
1 atemda.com
atemda.com — Cisco Umbrella Rank: 4919
1 KB
1 fwmrm.net
dsp.v.fwmrm.net — Cisco Umbrella Rank: 16198
411 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1192
191 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 830
485 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 4030
613 B
1 adstanding.com
rtb.adstanding.com — Cisco Umbrella Rank: 8392
359 B
1 vuukle.com
tracker.ortb.vuukle.com — Cisco Umbrella Rank: 10101
541 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 11526
290 B
1 mxptint.net
aep.mxptint.net — Cisco Umbrella Rank: 5984
720 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1158
398 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 2780
5 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 2563
904 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2286
428 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1250
17 KB
1 reson8.com
ds.reson8.com — Cisco Umbrella Rank: 2568
346 B
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 8126
47 KB
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 4157
345 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 587
13 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
693 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 6153
880 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 881
166 B
1 in-appadvertising.com
in-appadvertising.com — Cisco Umbrella Rank: 14686
547 B
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 15336
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
43 KB
1 parklogic.com
parking2.parklogic.com — Cisco Umbrella Rank: 674961
851 B
1 adapex.io
cdn.adapex.io — Cisco Umbrella Rank: 22161
150 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 669
30 KB
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
0 intentiq.com Failed
sync.intentiq.com — Cisco Umbrella Rank: 1215 Failed
0 ffbtas.com Failed
ffbtas.com — Cisco Umbrella Rank: 9439 Failed
0 gwallet.com Failed
rp.gwallet.com Failed
0 clickagy.com Failed
aorta.clickagy.com Failed
0 fidelity-media.com Failed
x.fidelity-media.com Failed
0 feedad.com Failed
api.feedad.com Failed
0 loopme.me Failed
csync.loopme.me Failed
667 169
Domain Requested by
75 sync.1rx.io 7 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
36 cm.g.doubleclick.net 11 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
simcast.com
24 id5-sync.com 19 redirects cdn.adapex.io
cdn.id5-sync.com
presentation-atl1.turn.com
24 c2shb.pubgw.yahoo.com cdn.adapex.io
24 img-s-msn-com.akamaized.net simcast.com
20 pagead2.googlesyndication.com simcast.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
www.googletagservices.com
tagan.adlightning.com
19 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
simcast.com
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
tagan.adlightning.com
15 pixel.tapad.com 11 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
presentation-atl1.turn.com
15 x.bidswitch.net 14 redirects
13 s2l.sendtonews.com embed.sendtonews.com
12 static.criteo.net cdn.adapex.io
static.criteo.net
securepubads.g.doubleclick.net
ads.us.criteo.com
12 d29xw9s9x32j3w.cloudfront.net embed.sendtonews.com
simcast.com
11 simcast.com tryyourfirst.icu
simcast.com
code.jquery.com
10 sync.aniview.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
10 s.amazon-adsystem.com 3 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
presentation-atl1.turn.com
simcast.com
10 securepubads.g.doubleclick.net cdn.adapex.io
securepubads.g.doubleclick.net
simcast.com
tryyourfirst.icu
9 ib.adnxs.com 4 redirects cdn.adapex.io
d29xw9s9x32j3w.cloudfront.net
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
presentation-atl1.turn.com
8 sync.tidaltv.com 8 redirects
8 ce.lijit.com 4 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
presentation-atl1.turn.com
8 pixel.rubiconproject.com 2 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
presentation-atl1.turn.com
simcast.com
8 sync.adkernel.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
8 match.adsrvr.org 6 redirects js-sec.indexww.com
8 btlr.sharethrough.com cdn.adapex.io
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
7 match.prod.bidr.io 7 redirects
7 sb.scorecardresearch.com 3 redirects simcast.com
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
7 pubads.g.doubleclick.net imasdk.googleapis.com
6 r.turn.com presentation-atl1.turn.com
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
cdn.doubleverify.com
6 s.ad.smaato.net 6 redirects
6 a-iad2.1rx.io aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
a-iad2.1rx.io
5 d.turn.com 2 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
presentation-atl1.turn.com
5 sync.search.spotxchange.com 2 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
presentation-atl1.turn.com
5 sync.adtelligent.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
5 ads.betweendigital.com 3 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
5 ups.analytics.yahoo.com 1 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
presentation-atl1.turn.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 ad.doubleclick.net 2 redirects svastx.moatads.com
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
5 insight.adsrvr.org imasdk.googleapis.com
5 www.google.com tpc.googlesyndication.com
simcast.com
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
5 cdnjs.cloudflare.com simcast.com
embed.sendtonews.com
ads.us.criteo.com
4 token.rubiconproject.com 4 redirects
4 us-u.openx.net 3 redirects presentation-atl1.turn.com
4 secure.adnxs.com 4 redirects
4 ps.eyeota.net 2 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
4 dpm.demdex.net 2 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
4 pr-bh.ybp.yahoo.com 4 redirects
4 image8.pubmatic.com 4 redirects
4 px.owneriq.net 4 redirects
4 b1sync.zemanta.com 4 redirects
4 pm.w55c.net 4 redirects
4 cs.emxdgt.com 4 redirects
4 gu.dyntrk.com 4 redirects
4 unruly-match.dotomi.com 4 redirects
4 pixel-sync.sitescout.com 4 redirects
4 eb2.3lift.com 1 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
presentation-atl1.turn.com
4 trc.taboola.com 2 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
4 sync.pubwise.io 2 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
4 openrtb.cootlogix.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
4 sync.sync.viewdeos.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
4 bh.contextweb.com 2 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
4 simage2.pubmatic.com 2 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
4 cs.yellowblue.io aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
4 router.infolinks.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
4 cdn.doubleverify.com presentation-atl1.turn.com
tagan.adlightning.com
4 tagan.adlightning.com presentation-atl1.turn.com
4 presentation-atl1.turn.com a-iad2.1rx.io
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
4 rtb.mfadsrvr.com 4 redirects
4 c1.adform.net 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 onetag-sys.com 2 redirects cdn.adapex.io
3 dsum-sec.casalemedia.com 1 redirects presentation-atl1.turn.com
3 pippio.com 2 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
3 idsync.rlcdn.com 2 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
3 id.rlcdn.com 1 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
3 p.rfihub.com 3 redirects
3 ad.turn.com 3 redirects
3 sync.go.sonobi.com 1 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
3 rtb-csync.smartadserver.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
presentation-atl1.turn.com
3 match.sharethrough.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
presentation-atl1.turn.com
3 sync.outbrain.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
presentation-atl1.turn.com
3 cs.krushmedia.com 2 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
3 ads.stickyadstv.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
presentation-atl1.turn.com
3 ade.googlesyndication.com
3 pix.us.criteo.net ads.us.criteo.com
3 www.googletagservices.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
3 mug.criteo.com
3 fonts.gstatic.com fonts.googleapis.com
3 timber.sendtonews.com embed.sendtonews.com
3 c.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
3 imasdk.googleapis.com embed.sendtonews.com
imasdk.googleapis.com
3 fonts.googleapis.com embed.sendtonews.com
securepubads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
3 ad.360yield.com 2 redirects cdn.adapex.io
3 embed.sendtonews.com simcast.com
tryyourfirst.icu
embed.sendtonews.com
2 tpsc-nyc.doubleverify.com cdn.doubleverify.com
2 eus.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
eus.rubiconproject.com
2 sync.inmobi.com 2 redirects
2 cc.adingo.jp 2 redirects
2 c.eu1.dyntrk.com 2 redirects
2 tps.doubleverify.com tagan.adlightning.com
2 bpi.rtactivate.com presentation-atl1.turn.com
2 sync.teads.tv presentation-atl1.turn.com
2 image6.pubmatic.com 2 redirects
2 ice.360yield.com 2 redirects
2 dmp.truoptik.com presentation-atl1.turn.com
2 loadm.exelator.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 p.adsymptotic.com 2 redirects
2 beacon.krxd.net aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 idpix.media6degrees.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 tags.bluekai.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 ids.ad.gt aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 usermatch.targeting.unrulymedia.com 2 redirects
2 usr.undertone.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 sync.srv.stackadapt.com 2 redirects
2 sync2.resetdigital.co 2 redirects
2 cms.quantserve.com 2 redirects
2 image2.pubmatic.com 2 redirects
2 stags.bluekai.com 2 redirects
2 u.openx.net 2 redirects
2 sync.mathtag.com 2 redirects
2 ssum-sec.casalemedia.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 match.deepintent.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 cm.ctnsnet.com 2 redirects
2 match.taboola.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 bttrack.com 2 redirects
2 public.servenobid.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 inv-nets.admixer.net 2 redirects
2 ums.acuityplatform.com 2 redirects
2 udmserve.net aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 partners.tremorhub.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 sync.taboola.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 c.deployads.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 csync.smilewanted.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 ads.yieldmo.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 x.videobyte.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 sync.cootlogix.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 ssp.api.tappx.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 sync.technoratimedia.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 sync.springserve.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 cs.minutemedia-prebid.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 pixel.servebom.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 usersync.getpublica.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 sync.spotim.market aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 jadserve.postrelease.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 exchange.mediavine.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 ap.lijit.com 1 redirects aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 crb.kargo.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 match.justpremium.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 ex.ingage.tech aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 us.ck-ie.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 ads.servenobid.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 cm.mgid.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 cs.lkqd.net aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 usersync.gumgum.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 sync.e-planning.net aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 sync.colossusssp.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 sync.bfmio.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 ads.altitude-arena.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 synchroscript.deliveryengine.adswizz.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 tg.socdm.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 sync.targeting.unrulymedia.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
2 choices.truste.com presentation-atl1.turn.com
2 img.turncdn.com presentation-atl1.turn.com
2 csm.us.criteo.net ads.us.criteo.com
2 mweb.ck.inmobi.com 2 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 htlb.casalemedia.com cdn.adapex.io
d29xw9s9x32j3w.cloudfront.net
2 tryyourfirst.icu tryyourfirst.icu
1 cs.media.net
1 dsum.casalemedia.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 px.ads.linkedin.com simcast.com
1 aax-eu.amazon-adsystem.com simcast.com
1 google.partners.tremorhub.com 1 redirects
1 choices-or.trustarc.com
1 s.tribalfusion.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 ad.yieldlab.net presentation-atl1.turn.com
1 pixel.advertising.com 1 redirects
1 dis.eu.criteo.com 1 redirects
1 atemda.com presentation-atl1.turn.com
1 contextual.media.net presentation-atl1.turn.com
1 dsp.v.fwmrm.net presentation-atl1.turn.com
1 x.dlx.addthis.com presentation-atl1.turn.com
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 server.cpmstar.com 1 redirects
1 www.getpublica.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
1 getpublica.com 1 redirects
1 rtb.adstanding.com 1 redirects
1 tracker.ortb.vuukle.com 1 redirects
1 vae-bid.adsrvr.org 1 redirects
1 googleads4.g.doubleclick.net
1 cat.va.us.criteo.com ads.us.criteo.com
1 s.uuidksinc.net 1 redirects
1 aep.mxptint.net 1 redirects
1 lb.eu-1-id5-sync.com cdn.adapex.io
1 r2---sn-vgqsrnz7.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 ads.us.criteo.com aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
1 rtb.va.us.criteo.com tryyourfirst.icu
1 z.moatads.com svastx.moatads.com
1 prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 id.crwdcntrl.net cdn.adapex.io
1 idx.liadm.com cdn.adapex.io
1 svastx.moatads.com imasdk.googleapis.com
1 choices.trustarc.com
1 csi.gstatic.com imasdk.googleapis.com
1 secure.cdn.fastclick.net tryyourfirst.icu
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 search.spotxchange.com d29xw9s9x32j3w.cloudfront.net
1 prebid-server.rubiconproject.com d29xw9s9x32j3w.cloudfront.net
1 tlx.3lift.com d29xw9s9x32j3w.cloudfront.net
1 hbopenbid.pubmatic.com d29xw9s9x32j3w.cloudfront.net
1 ds.reson8.com cdn.resonate.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 s0.2mdn.net imasdk.googleapis.com
1 cdn.resonate.com embed.sendtonews.com
1 player.sendtonews.com embed.sendtonews.com
1 id.sv.rkdms.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
cdn.adapex.io
1 d3div1mtym39ic.cloudfront.net simcast.com
1 d15kdpgjg3unno.cloudfront.net embed.sendtonews.com
1 js-sec.indexww.com embed.sendtonews.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ghb.adtelligent.com cdn.adapex.io
1 s.seedtag.com cdn.adapex.io
1 prebid.media.net cdn.adapex.io
1 bidder.criteo.com cdn.adapex.io
1 prebid.a-mo.net cdn.adapex.io
1 in-appadvertising.com cdn.adapex.io
1 grid.bidswitch.net cdn.adapex.io
1 web.hb.ad.cpe.dotomi.com cdn.adapex.io
1 prebid.adnxs.com cdn.adapex.io
1 at.teads.tv a.teads.tv
1 a.teads.tv cdn.adapex.io
1 cloudflare.com cdn.adapex.io
1 cat.hbwrapper.com cdn.adapex.io
1 www.googletagmanager.com simcast.com
1 parking2.parklogic.com simcast.com
1 cdn.adapex.io simcast.com
1 code.jquery.com simcast.com
0 cs.chocolateplatform.com Failed aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
0 sync.intentiq.com Failed aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
0 ffbtas.com Failed aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
0 rp.gwallet.com Failed aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
0 aorta.clickagy.com Failed aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
0 x.fidelity-media.com Failed aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
0 api.feedad.com Failed aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
0 csync.loopme.me Failed aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
0 prebid.smilewanted.com Failed cdn.adapex.io
667 256

This site contains links to these domains. Also see Links.

Domain
namesilo.com
Subject Issuer Validity Valid
*.simcast.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-13 -
2023-10-14		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-03 -
2023-06-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.parklogic.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-03 -
2023-01-03		 a year crt.sh
*.sendtonews.com
Amazon		 2022-05-18 -
2023-06-16		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
cat.hbwrapper.com
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-04		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2022-02-28 -
2023-03-31		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.360yield.com
Amazon		 2022-08-16 -
2023-09-14		 a year crt.sh
*.in-appadvertising.com
Sectigo RSA Domain Validation Secure Server CA		 2022-07-06 -
2023-06-29		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
securedvisit.com
Amazon		 2022-10-29 -
2023-11-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.spotxchange.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-14		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.trustarc.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.liadm.com
Amazon		 2022-09-30 -
2023-10-29		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
id.sharedid.org
Amazon		 2022-11-08 -
2023-12-07		 a year crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.va.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-08 -
2023-01-09		 3 months crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-30 -
2023-01-03		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-02 -
2023-04-01		 a year crt.sh
*.us.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-07 -
2023-02-07		 3 months crt.sh
*.adlightning.com
Amazon		 2022-06-09 -
2023-07-07		 a year crt.sh
*.turncdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-11 -
2023-07-12		 a year crt.sh
*.truste.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2022-05-24 -
2023-06-25		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon		 2022-02-14 -
2023-03-15		 a year crt.sh
*.altitude-arena.com
Amazon		 2022-01-28 -
2023-02-27		 a year crt.sh
*.bfmio.com
Amazon		 2022-04-16 -
2023-05-15		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2022-09-08 -
2023-10-10		 a year crt.sh
*.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
*.ad-server.k8s.ggops.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-19 -
2023-05-19		 a year crt.sh
*.yellowblue.io
Amazon		 2022-04-23 -
2023-05-22		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-27 -
2023-07-18		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
sync.sync.viewdeos.com
ZeroSSL ECC Domain Secure Site CA		 2022-11-06 -
2023-02-04		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-09-26 -
2022-12-25		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.aniview.com
Amazon		 2022-01-05 -
2023-02-03		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2021-11-12 -
2022-12-14		 a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2022-07-13 -
2023-08-11		 a year crt.sh
tracking.justpremium.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
*.app.kargo.com
Amazon		 2022-01-06 -
2023-02-03		 a year crt.sh
*.cootlogix.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-13 -
2022-11-13		 a year crt.sh
exchange.mediavine.com
Amazon		 2022-05-05 -
2023-06-03		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2021-10-24 -
2022-11-24		 a year crt.sh
*.getpublica.com
Amazon		 2022-06-01 -
2023-06-30		 a year crt.sh
pixel.servebom.com
R3		 2022-09-27 -
2022-12-26		 3 months crt.sh
cs.minutemedia-prebid.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh
*.springserve.com
Amazon		 2022-09-20 -
2023-10-20		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
ssp.api.tappx.com
R3		 2022-10-21 -
2023-01-19		 3 months crt.sh
x.videobyte.com
R3		 2022-10-16 -
2023-01-14		 3 months crt.sh
*.yieldmo.com
Amazon		 2022-09-12 -
2023-10-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.deployads.com
Amazon		 2022-05-04 -
2023-06-02		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2022-05-02 -
2023-05-09		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
udmserve.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-25 -
2023-06-25		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.undertone.com
Amazon		 2022-09-03 -
2023-10-01		 a year crt.sh
ids.ad.gt
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
dstillery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-05 -
2023-04-28		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
rtactivate.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.atemda.com
Go Daddy Secure Certificate Authority - G2		 2022-01-10 -
2023-02-11		 a year crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA		 2022-01-14 -
2023-01-13		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh

This page contains 25 frames:

Primary Page: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Frame ID: 053EF5119258B59005F0181351CFB7DB
Requests: 167 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/zrt_lookup.html
Frame ID: 09577F9639B99586E8AB446558F5C28A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1668378916&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668378916034&bpp=3&bdt=484&idt=196&shv=r20221109&mjsv=m202211080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1803849476203&frm=20&pv=2&ga_vid=396667311.1668378916&ga_sid=1668378916&ga_hid=1666953408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44770881%2C44774292%2C21066431%2C44777924&oid=2&pvsid=113185230850889&tmod=1006125930&uas=0&nvt=1&ref=http%3A%2F%2Ftryyourfirst.icu%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=214
Frame ID: D9AE8574648265D03611D6DE5BAE219C
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 4DC8AABF01A485B4D1F6537C88DEA45F
Requests: 18 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Frame ID: ACFAC85DBCE7221F18CD817BD27C7F83
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0F670F9D6C27213FC2093938B9038C93
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 233DA69CA7C21C32B999E401BF561640
Requests: 2 HTTP requests in this frame

Frame: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: F9D0C98CF706137D7C894954BA3094A3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 7CD3E288F2F4E46ADA512B06CA5E8CD0
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=simcast.com
Frame ID: 7E15998611677E2FEB73A3EDA3410DAB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: A50CCD88382ADAEB9AACBC5EDD876B45
Requests: 16 HTTP requests in this frame

Frame: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 6DD4BEE3711880A5A547A8E228E050D2
Requests: 149 HTTP requests in this frame

Frame: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 85099F66982BD236B3550984D1E132E5
Requests: 10 HTTP requests in this frame

Frame: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 68589236D2CAAD1BA3009FF6A7A7DC53
Requests: 150 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Frame ID: B11BD3BCB5EA60401408550E25A6F131
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D91E19CBA239ADB0336D81CA9B30541C
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: 967B283935A11F5E46B845266A60060E
Requests: 4 HTTP requests in this frame

Frame: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Frame ID: 6AF529B36776F64E5D56DC3D30EF4AE1
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B4196CE62AED62238FD1383F34C50385
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: 9C72D1A74005DDB05084F58F1C0C4E82
Requests: 4 HTTP requests in this frame

Frame: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Frame ID: D576B7821FE07E46B167E206C4F2F997
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A696D073AD58F5CFC562BC8551B1B56F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FDC98371DB989D9DDD8B9D7632ABAC7B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FBD40ECA86075E409B3331E9B88ED92E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8E3C0BC1B063EE10A00ED7BF1941B123
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Simcast News portal.

Page URL History Show full URLs

  1. http://tryyourfirst.icu/ Page URL
  2. http://tryyourfirst.icu/page/bouncy.php?&bpae=GbhOd60molx7j3N1PAspr%2FEr%2FXOPd34nwjXzR%2BPpskfBNh4c... Page URL
  3. https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

667
Requests

74 %
HTTPS

24 %
IPv6

169
Domains

256
Subdomains

181
IPs

10
Countries

5931 kB
Transfer

12018 kB
Size

253
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tryyourfirst.icu/ Page URL
  2. http://tryyourfirst.icu/page/bouncy.php?&bpae=GbhOd60molx7j3N1PAspr%2FEr%2FXOPd34nwjXzR%2BPpskfBNh4cqXl617Elrp%2F%2Bo%2Fy5PlXGTT1wvzP43mEuvVUlaxC2EkH%2BSvjPK%2FMj0epEDjabLA9GomcTqEYtdo3JMSp2P2kYmbVLvARbychz03JFDUeT44XUh6taplUWWdHoXpG4qKBYX00dZRHdtJrY%2BpY1Wye6Z2zwQcyN6HNWMG2sjwfwgR6Ue7%2FTkKugjN7qD%2B8P%2FbNRW4q7wzNvQB85m7qo56SzzDN93tyd0FGIEr%2FwvVWkXjRA4%2FR8ZGZGvzZScm7s3jPGyUg6gTatbID%2FedU89t5pB63JTvKEU3pRpy%2FXfZ%2Bvc6ZvjDRYRnedrdmByozFwo0saRkKGUnV7ltxHbs6W7grPECJaNB218dS3tMi067ClQ%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124
  • https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Request Chain 187
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=mg4HrHx5U3dVYnc4MDd1NytVNTNzNXAzSlpLNUV1OVRJY0hhQ3NNaUZmS3M2K20wZnJVZExUcFR0Q2g2RDlSUlFiRThxbVdleTd6S1ZQQkozNjFHb2hIQkpYL0owaWhaS2RlQWNPZUhHOW4yTGdJTENjWDBWY2UxZitSZ3RVZGhGVTc0RXJDWVpxaEhZUHRQeXBKSDBwMmdCVy9NU213RHJHREJ1Nkk4SGI3RVpXVEJ0N042NGhvSzRLODJRdEtFeStYdFdmTHplTDJuRndUVmRFWlA1QUtlSTF3M3A5bDBSd1ZCOHdRdDc2NjFxYXVBPXw&cppv=2
Request Chain 218
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=simcast.com&sn=ChromeSyncframe&so=0&topUrl=simcast.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=p1fK9XxUY0xZdWZScE90OUpzRmkwZkUxa29sQlg1MXlRdG9XeWFWT3lDa05xWkNORjRTRDFPb0QwbCt1Tnc2ejR3U0lmSVlyMXloYVJvUDJqbk43czhYd1NlM3VrZG9NQ2tUbUp5TW9Bd3hMc1VQaWxBQVpCQnRNV1pET3pPeEg4eHlkT3krcjZscXhaVm9zTmxxRXdpOFlsc0MwdHhWdzB4a2pBNmdoWWV4dzdRMVhWcytHS0o3OHVCRkl5dHNIa2dGaHl5Q1UxNEc5elVlSEJxVEdGKy9sN25xSGNFeEtkbTErVk1tQk5ESEw2WTl4TWFxaFZYNUo2VS9UbS93TjJpZWdRTmVkcHB2L3FuRVNsQlJnMXovMkhPZz09fA&cppv=2
Request Chain 243
  • https://gcdn.2mdn.net/videoplayback/id/38016109cdc666b6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3803206166/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/B9F21DAA802CC9A02099FEB9BDE2312B4B616EEC.8576250650BD54A94141D66DAABC5DEA37FEA88F/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-vgqsrnz7.c.2mdn.net/videoplayback/id/38016109cdc666b6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3803206166/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/55993217F8AD93F45081BE78BA250890E42CB962.27E6D60A339AD31800FC9FF05B57EB9308D7E595/key/cms1/cms_redirect/yes/mh/5y/mip/2602:ffc8:1:1::7/mm/42/mn/sn-vgqsrnz7/ms/onc/mt/1668378058/mv/u/mvi/2/pl/48/file/file.mp4
Request Chain 248
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEKyM-RkEmiFny26fsG_WkCo&google_cver=1&google_push=ASkJ3Fb-Gfa3HhAUA6560iwIBcQ3hVM781f7TO0vvbLufTPAl-N7zgxMGe6Jx6N0nPkZi3AmTMCYh6QH90pefeyqmkscHCM2I7EY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ASkJ3Fb-Gfa3HhAUA6560iwIBcQ3hVM781f7TO0vvbLufTPAl-N7zgxMGe6Jx6N0nPkZi3AmTMCYh6QH90pefeyqmkscHCM2I7EY&google_hm=UjFENTMxX0Y5NEVCMERDXzdEMDY3NTA5
Request Chain 249
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEH1wm2dfdSr3lHhW1CAYeuo&google_cver=1&google_push=ASkJ3Fbm4qPNDDH02FaO9eEN9Bg0VB4ajyROeehKEMCO8XDzERs68Ftthyc0StU0EmgVHbusDDzu0jNrRr2-5qLSJTSDRCGJLT-O HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTM3NDc0MmItZGQ0Ni00YzU1LTg5NmMtZWFhYjY1ODdjYzc3&google_gid=CAESEH1wm2dfdSr3lHhW1CAYeuo&google_cver=1&google_push=ASkJ3Fbm4qPNDDH02FaO9eEN9Bg0VB4ajyROeehKEMCO8XDzERs68Ftthyc0StU0EmgVHbusDDzu0jNrRr2-5qLSJTSDRCGJLT-O
Request Chain 250
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMuFQkoPyPSvsWXlgIMK0JU&google_cver=1&google_push=ASkJ3Fb3wiORi-8H_ag0QwoMNyYcLqU2emwB0mkv5TUf0KRBjfoR2H0rasmcG1F7TISN2R2Ozh-i2RuV14V94BBlMrX5bglg-EA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMuFQkoPyPSvsWXlgIMK0JU&google_cver=1&google_push=ASkJ3Fb3wiORi-8H_ag0QwoMNyYcLqU2emwB0mkv5TUf0KRBjfoR2H0rasmcG1F7TISN2R2Ozh-i2RuV14V94BBlMrX5bglg-EA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ4MTE4NzQ4NDk4NzQzNjQ1MA&google_push=ASkJ3Fb3wiORi-8H_ag0QwoMNyYcLqU2emwB0mkv5TUf0KRBjfoR2H0rasmcG1F7TISN2R2Ozh-i2RuV14V94BBlMrX5bglg-EA
Request Chain 251
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEOcqxMtz4cHgmaBveCTq8E8&c_param1=ASkJ3FY2hUg7bwXMIgzr-m9DH-GFM8YZ-mjvBEDsHmM2H08dtPFuJ4CKdSDRsPqJl8PRlHCvVoElQ87EFrEo0hAhkfNbRGOL9hI&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FY2hUg7bwXMIgzr-m9DH-GFM8YZ-mjvBEDsHmM2H08dtPFuJ4CKdSDRsPqJl8PRlHCvVoElQ87EFrEo0hAhkfNbRGOL9hI
Request Chain 252
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEv7pwm_oCg_1jBcIImUCew&google_cver=1&google_push=ASkJ3Fa1tzF_k2kIf_VL_hfIhaeeEEbqUUjisn8IqeSjoFPyTgaL8D6xStvC6Kid1oLzJYECVTTZR9yOpFCjlE4P5nDcNpGWNF9B HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhHMh_v2zcy0BliUqF9hgJnslHtIDhaEarg&google_push=ASkJ3Fa1tzF_k2kIf_VL_hfIhaeeEEbqUUjisn8IqeSjoFPyTgaL8D6xStvC6Kid1oLzJYECVTTZR9yOpFCjlE4P5nDcNpGWNF9B
Request Chain 253
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEFnZ0FsMSY4cwm131dqFgSA&google_cver=1&google_push=ASkJ3FbJzuPdtbjnusnVlRCTr6iZd58h81tj2EJMT296NJkLs0ntoqJASKfCpIthZSWlD25X1CL_j9pIOcPyGI0VNrs3F9FqotRBrw HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEFnZ0FsMSY4cwm131dqFgSA&google_cver=1&google_push=ASkJ3FbJzuPdtbjnusnVlRCTr6iZd58h81tj2EJMT296NJkLs0ntoqJASKfCpIthZSWlD25X1CL_j9pIOcPyGI0VNrs3F9FqotRBrw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=wJBSfsi7Sue4QJiDYPzgOw==&no_redirect=1&google_push=ASkJ3FbJzuPdtbjnusnVlRCTr6iZd58h81tj2EJMT296NJkLs0ntoqJASKfCpIthZSWlD25X1CL_j9pIOcPyGI0VNrs3F9FqotRBrw
Request Chain 254
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHpUtQCzaNnFbpuVJZMsgqk&google_cver=1&google_push=ASkJ3FbHG3ITLlyLH2GM9OupDaX90EMyX8Z-9hkox0Epqqne-O87oAk961tTQwwFSBoAvKqNXFXkvcTWelzcyvZKs1R0z7xropY5rA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uakptYlNwRTJ1SExDZ0FnaDV0ZUJESlV2TUhhSDJrdX5B&google_push=ASkJ3FbHG3ITLlyLH2GM9OupDaX90EMyX8Z-9hkox0Epqqne-O87oAk961tTQwwFSBoAvKqNXFXkvcTWelzcyvZKs1R0z7xropY5rA
Request Chain 264
  • https://sync.1rx.io/usersyncall?impinit=1 HTTP 302
  • https://sync.1rx.io/usersyncall?rcc=1
Request Chain 270
  • https://sync.1rx.io/usersyncall?impinit=1 HTTP 302
  • https://sync.1rx.io/usersyncall?rcc=1
Request Chain 286
  • https://vae-bid.adsrvr.org/bid/feedback/google?t=1&iid=2e9f07bb-6aca-4df9-83b7-bc09b4d18a30&crid=2zxxzb3e&wp=Y3FxJQAJ-isITwSsAArA_6dESMxvBYu3Q9W4kw&aid=1&wpc=USD&sfe=15a8f125&puid=CAESEF9SahGOUQ7Rj3FmOPjxApw&tdid=&pid=7e23la0&ag=xejceum&adv=28pqcab&sig=1uzCv3vaAt3TuCQCjfvIpYTugqaYflWlyAgcMtCJ8nGk.&bp=18&cf=3592660&fq=0&td_s=simcast.com&rcats=&mste=&mfld=2&mssi=&mfsi=&uhow=&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=pub-9505823743978337&did=2147221&rcxt=Other&lat=&lon=&tmpc=&daid=&vp=0&osi=&osv=&bv=1&vvp=100&mk=Google&mdl=Chrome%20-%20Windows&testid=mkts-4636-disabled&vpb=PreRoll&c=MAQ4AkgAUARYAYABAIgBApABALABALoBBQi0ARgCyQEzMzMzM7NBQA..&dur=CkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..&durs=bua7fp&crrelr=&said=FXmf02SyNYzrSrEpd8IOvA%3D%3D&auct=3&cxdur=0-15&cxlvs=0&im=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OGEyNTJiOTMtMjhkMy00MGEwLWJmMjQtMTgxMjg0OTg5Nzg3&gdpr=0&gdpr_consent=&ttd_tdid=8a252b93-28d3-40a0-bf24-181284989787 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=8a252b93-28d3-40a0-bf24-181284989787&google_gid=CAESEF9SahGOUQ7Rj3FmOPjxApw&google_cver=1
Request Chain 295
  • https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1668378916696&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=15000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=mid-roll&ns_st_ci=2359689&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1668378919005&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2309&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=NBA&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&c8=&c9=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1668378916696&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=15000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=mid-roll&ns_st_ci=2359689&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1668378919005&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2309&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=NBA&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&c8=&c9=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0
Request Chain 299
  • https://ad.doubleclick.net/ddm/trackimpj/N510001.282766AMOBEE22/B28556545.346949565;dc_trk_aid=538543975;dc_trk_cid=178403173;ord=2896496827964140638;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpj/N510001.282766AMOBEE22/B28556545.346949565;dc_pre=COb1zeabrPsCFQIFaAgdH3cHkQ;dc_trk_aid=538543975;dc_trk_cid=178403173;ord=2896496827964140638;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 305
  • https://ad.doubleclick.net/ddm/trackimpj/N510001.282766AMOBEE22/B28556545.346949583;dc_trk_aid=538543981;dc_trk_cid=178403173;ord=3545328753956556032;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpj/N510001.282766AMOBEE22/B28556545.346949583;dc_pre=CN3wzeabrPsCFTEEaAgdyJcFvQ;dc_trk_aid=538543981;dc_trk_cid=178403173;ord=3545328753956556032;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 316
  • https://ads.betweendigital.com/match?bidder_id=116&external_user_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=3949199317 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=116&external_user_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=3949199317&crf=1
Request Chain 328
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=5698702766 HTTP 302
  • https://simage2.pubmatic.com/AdServer/5698702766
Request Chain 340
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_cm=1&google_hm=BU6MihofvEA-iL4Qx2T95nU&rndcb=174602673 HTTP 302
  • https://sync.1rx.io/syncpixel/rmpssp?sub=google&rndcb=174602673&google_gid=CAESEEUlwQW7yZ2T65FqOTMRpH0&google_cver=1
Request Chain 346
  • https://cs.krushmedia.com/bcceb9af87ecb29c4c43c11ae93b1cc9.gif?puid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&redir=[RED]&rndcb=852102173 HTTP 302
  • https://ap.lijit.com/pixel?cs=1&vsid=1312938566623046000V10&type=sov&ovsid=e21aa261-00b2-4800-a51a-8bde5150b6d1&redir=https%3A%2F%2Fcs.krushmedia.com%2Fa22c97a398162cd2b45b2be65de85a42.gif%3Fpuid%3D%24UID HTTP 307
  • https://cs.krushmedia.com/a22c97a398162cd2b45b2be65de85a42.gif?puid=FpYrdQZHtPzoiSclTbOgNJke
Request Chain 356
  • https://sync.pubwise.io/usersync/unrulydspctv/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005?rndcb=6763947079 HTTP 302
  • https://sync.pubwise.io/usersync/unrulydspctv/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005?zcc=1
Request Chain 367
  • https://tracker.ortb.vuukle.com/sync?id=35&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1914571214 HTTP 302
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Ftracker.ortb.vuukle.com%2Fsync%3Fid%3D24%26uid%3D%24UID%0A
Request Chain 372
  • https://s.ad.smaato.net/c/?dspInit=1001678&dspCookie=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=4760316021 HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001678&dspCookie=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=4760316021&cookieCheck=1 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=592dbee6
Request Chain 384
  • https://ums.acuityplatform.com/tum?umid=34&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Facuityadsdsp%2F%2F___AUID___%3Fzcc%3D0%26sspret%3D1&rndcb=6269928106 HTTP 302
  • https://sync.1rx.io/usersync3/acuityadsdsp//708547767479?zcc=0&sspret=1
Request Chain 385
  • https://c1.adform.net/serving/cookie/match/?party=1262&redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fadform%2F%2F__ADFUID__%3Fzcc%3D0%26sspret%3D1&rndcb=6497495985 HTTP 302
  • https://sync.1rx.io/usersync3/adform//3481187484987436450?zcc=0&sspret=1
Request Chain 386
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=566E1BC0-12FE-4859-A973-45B6C91FB046&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync%2Fadmixerdsp%2F%24%24visitor_cookie%24%24&rndcb=2375060983 HTTP 302
  • https://sync.1rx.io/usersync/admixerdsp/40b4d01df3584208ac50d6e48c50fdc9
Request Chain 387
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=6527435940 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus//3466350839015920407?zcc=0&sspret=1&rndcb=6527435940
Request Chain 389
  • https://match.prod.bidr.io/cookie-sync/ro?rndcb=2096942777 HTTP 303
  • https://sync.1rx.io/usersync/beeswax/AACws07G4uIAACCR69Mn3A
Request Chain 390
  • https://ads.betweendigital.com/match?bidder_id=44126&callback_url=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fbetweenx%2F%2F%24%7BUSER_ID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=6967979017 HTTP 302
  • https://sync.1rx.io/usersync3/betweenx//1dfa079c-9b83-533e-a1dd-3d9dc2ac4cba?zcc=0&sspret=1
Request Chain 391
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7839496284 HTTP 302
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=adconductor&bidswitch_custom_parameter=646fd8ed-ac69-4a32-a122-20903ac4341c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=1ece8d45ddd757fe1fcc963d30ab1ed7&expires=30&ssp=adconductor&bsw_param=646fd8ed-ac69-4a32-a122-20903ac4341c HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/646fd8ed-ac69-4a32-a122-20903ac4341c?gdpr=&gdpr_consent=
Request Chain 392
  • https://bttrack.com/pixel/cookiesync?source=f25db61a-4f72-43bf-894b-e4ad5f845495&secure=1&rndcb=4911031983 HTTP 302
  • https://sync.1rx.io/usersync/bidtellect/b95991f0-5551-4da8-9167-d92e55298dcf
Request Chain 393
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=918697690 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=918697690 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553%26partner_url%3Dhttps%253A%252F%252Fsync.1rx.io%252Fusersync3%252Fcentro%252F%252F9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553%253Fzcc%253D0%2526sspret%253D1%2526rndcb%253D918697690 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553&partner_url=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F%2F9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553%3Fzcc%3D0%26sspret%3D1%26rndcb%3D918697690 HTTP 302
  • https://sync.1rx.io/usersync3/centro//9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553?zcc=0&sspret=1&rndcb=918697690
Request Chain 395
  • https://unruly-match.dotomi.com/match/bounce/current?networkId=94316&version=1&nuid=%3CUNRULY_USERID%3E&rndcb=825886475 HTTP 302
  • https://unruly-match.dotomi.com/match/bounce/current?DotomiTest=8d34d0fc6421629&is_secure=true&networkId=94316&version=1&nuid=%3CUNRULY_USERID%3E&rndcb=825886475 HTTP 302
  • https://sync.1rx.io/usersync/conversant/AAABzvFT9OZywgNGAjmfAAAAAAA?r=1&expiration=1668465321&nuid=%3CUNRULY_USERID%3E&is_secure=true&rndcb=825886475
Request Chain 396
  • https://trc.taboola.com/sg/rhythm-ssp-network/1/rtb-h?taboola_hm=1&rndcb=6734013333 HTTP 302
  • https://match.taboola.com/sg/rhythm-ssp-network/1/rtb-h?taboola_hm=1&tbid=52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8&query=taboola_hm%3D1%26rndcb%3D6734013333&isDirect=0 HTTP 302
  • https://sync.1rx.io/usersync/convert/52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8
Request Chain 397
  • https://cm.ctnsnet.com/int/cm?exc=23&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcrimtan%2F%2F%5Buser_id%5D%3Fzcc%3D0%26sspret%3D1&rndcb=8027854048 HTTP 302
  • https://sync.1rx.io/usersync3/crimtan//d5f3e722aa17410ebce4d11d325baadd?zcc=0&sspret=1
Request Chain 399
  • https://gu.dyntrk.com/adx/ro/us.php?dynk=rh4thm0n33&callback=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fdynadmic%2F%2F%24DYNADMIC_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=8869000589 HTTP 302
  • https://gu.dyntrk.com/adx/ro/us.php?dynk=rh4thm0n33&callback=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fdynadmic%2F%2F%24DYNADMIC_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=8869000589&prevuid=05030002_637171286390e&knw=1 HTTP 302
  • https://sync.1rx.io/usersync3/dynadmic//05030002_637171286390e?zcc=0&sspret=1
Request Chain 400
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Femx%2F%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=5293174005 HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Femx%2F%2F%24EMXUID%3Fzcc%3D0%26sspret%3D1&b64_redirect=aHR0cHM6Ly9zeW5jLjFyeC5pby91c2Vyc3luYzMvZW14Ly8kRU1YVUlEP3pjYz0wJnNzcHJldD0x HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=3466350839015920407&redirect=https://sync.1rx.io/usersync3/emx//$EMXUID?zcc=0&sspret=1&b64_redirect=aHR0cHM6Ly9zeW5jLjFyeC5pby91c2Vyc3luYzMvZW14Ly8kRU1YVUlEP3pjYz0wJnNzcHJldD0x HTTP 302
  • https://sync.1rx.io/usersync3/emx//3466350839015920407brt56801668378921585499b4?zcc=0&sspret=1
Request Chain 401
  • https://ad.360yield.com/server_match?partner_id=1699&r=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fimprovedigital%2F%2F%7BPUB_USER_ID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7606348547 HTTP 302
  • https://sync.1rx.io/usersync3/improvedigital//100556db-b1b8-4709-bd17-f415fe8f25ce?zcc=0&sspret=1&rndcb=7606348547
Request Chain 404
  • https://rtb.mfadsrvr.com/sync?ssp=rhythmone&ssp_user_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7203592116 HTTP 302
  • https://sync.1rx.io/usersync/mediaforce/c090527e-c8bb-4ae7-b840-988360fce03b
Request Chain 405
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=8968210183 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest//7a036371-7129-4900-9d06-795152530117?zcc=0&sspret=1
Request Chain 407
  • https://pm.w55c.net/ping_match.gif?st=UNRULY&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Foneview%2F%2F_wfivefivec_%3Fzcc%3D0%26sspret%3D1&rndcb=2942193047 HTTP 302
  • https://sync.1rx.io/usersync3/oneview//HOgpAizu1OUlzq5?zcc=0&sspret=1&rndcb=2942193047
Request Chain 408
  • https://u.openx.net/w/1.0/cm?id=23f8a601-6b3c-4339-9d30-d214c4518f2b&r=https%3A%2F%2Fsync.1rx.io%2Fusersync%2Fopenx%2F&rndcb=2377102450 HTTP 302
  • https://sync.1rx.io/usersync/openx/&rndcb=2377102450f055119c-1d39-452c-9911-39dc03e06a7f
Request Chain 409
  • https://b1sync.zemanta.com/usersync/rhythmone/?cb=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Foutbrain%2F%2F__ZUID__%3Fzcc%3D0%26sspret%3D1&rndcb=2325817809 HTTP 302
  • https://stags.bluekai.com/site/23178?id=fPDy1ZSLFTGyri-wCSNl&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS643ZNZRS4MLSPAXGS3ZPOVZWK4TTPFXGGMZPN52XIYTSMFUW4LZPMZIEI6JRLJJUYRSUI54XE2JNO5BVGTTMH5SXQY3IMFXGOZJ5OJUHS5DINVXW4ZJGONZXA4TFOQ6TCJT2MNRT2MA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS643ZNZRS4MLSPAXGS3ZPOVZWK4TTPFXGGMZPN52XIYTSMFUW4LZPMZIEI6JRLJJUYRSUI54XE2JNO5BVGTTMH5SXQY3IMFXGOZJ5OJUHS5DINVXW4ZJGONZXA4TFOQ6TCJT2MNRT2MA HTTP 302
  • https://sync.1rx.io/usersync3/outbrain//fPDy1ZSLFTGyri-wCSNl?sspret=1&zcc=0
Request Chain 410
  • https://px.owneriq.net/ero?redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fowneriq%2F%2F%28OIQ_id%29%3Fzcc%3D0%26sspret%3D1&rndcb=378237653 HTTP 302
  • https://sync.1rx.io/usersync3/owneriq//Q7216653201746239856P?zcc=0&sspret=1
Request Chain 411
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159277&pu=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fpubmatic%2F%2F%23PMUID%3Fzcc%3D0%26sspret%3D1&rndcb=5721084146 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEM3QUIwMjMtRTdBQy00RjkwLThBNDAtNzYyQURFM0E5MTQ4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync3/pubmatic//A08508D9-102C-4280-88EE-2D1A24469070?zcc=0&sspret=1
Request Chain 412
  • https://bh.contextweb.com/bh/rtset?pid=560138&ev=1&daaqp=1&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fpulse%2F%2F%25%25VGUID%25%25%3Fzcc%3D0%26sspret%3D1&rndcb=6503737876 HTTP 302
  • https://sync.1rx.io/usersync3/pulse//aSpTw72oBezE?zcc=0&sspret=1
Request Chain 413
  • https://cms.quantserve.com/pixel/p-QcHdy7VcGLKJK.gif?idmatch=0&siteId=995936&rndcb=2945969174 HTTP 302
  • https://sync.1rx.io/usersync/quantcast/EVh_QBBaekgKCCtGEg9lFBUPeUIKCSlFRVJDmAJN?gdpr=0
Request Chain 415
  • https://sync2.resetdigital.co/csync?pid=Unruly&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fresetdigital%2F%2FBUYER_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=7215477949 HTTP 302
  • https://sync.1rx.io/usersync3/resetdigital//000000D2D129FFB2?zcc=0&sspret=1
Request Chain 416
  • https://s.ad.smaato.net/c/?adExInit=u&redir=http%3A%2F%2Fsync.1rx.io%2Fusersync%2Fsmaato%2F%24UID?&rndcb=6914591553 HTTP 302
  • https://sync.1rx.io/usersync/smaato/592dbee6
Request Chain 417
  • https://sync.search.spotxchange.com/partner?adv_id=8801&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fspotx%2F%2F%24SPOTX_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=8453951571 HTTP 302
  • https://sync.1rx.io/usersync3/spotx//728114fc-63a3-11ed-aabe-12a4cdd40003?zcc=0&sspret=1
Request Chain 418
  • https://sync.srv.stackadapt.com/sync?nid=95&rndcb=3395298238 HTTP 302
  • https://sync.1rx.io/usersync/stackadapt/0-2fe279f7-bf79-4c9c-7c2f-9cff9dc25394$ip$104.237.193.29
Request Chain 419
  • https://cs.ffbtas.com/usnci?i=1&ec=rhy&r=https%3A%2F%2Fsync.1rx.io%2Fusersync%2Ftlvmedia%2F&rndcb=1559771851 HTTP 302
  • https://cs.ffbtas.com/ HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
Request Chain 420
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3660462295 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/8a252b93-28d3-40a0-bf24-181284989787
Request Chain 422
  • https://ad.turn.com/r/cs?pid=45&rndcb=2538386384 HTTP 302
  • https://sync.1rx.io/usersync/turn/3847914353920511232?dspret=1&redir=http%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzg1MjQ2ODY4%2Fmpuid%2F%5BRX_UUID%5D&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Request Chain 424
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=7593361622 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-IkVmDARE2oV1LsP1xH8cioJWuctyK7UDaPEe~A HTTP 302
  • https://sync.1rx.io/usersync/verizon/y-IkVmDARE2oV1LsP1xH8cioJWuctyK7UDaPEe~A
Request Chain 426
  • https://p.rfihub.com/cm?pub=28593&in=1&rndcb=2531759028 HTTP 302
  • https://sync.1rx.io/usersync/zeta/2810035083213440694
Request Chain 427
  • https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005?rndcb=5678381342 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Request Chain 432
  • https://ps.eyeota.net/match?bid=d6m4omv&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7710264312 HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=d6m4omv&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7710264312
Request Chain 434
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=541745869&pcid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1831935221 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=541745869&pcid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1831935221&ckls=true&ci=0WY5amjLMo&nc=false&trid=363064568 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D541745869%26rnd%3D-123732149%26pcid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPhZ_nMQ43TX3hq1ZffXtr0&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:84E77A959F4D41A9AB9BEEEBF77DE0DA HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=541745869&rnd=-1324732179&pcid=A08508D9-102C-4280-88EE-2D1A24469070 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D541745869%3B1402230080%26rnd%3D342537597&pcid=$UID HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=541745869;1402230080&rnd=342537597&pcid=3466350839015920407 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D541745869%3B1402230080%3B1709765917%26rnd%3D911717490%26pcid%3D__UID__ HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=201339086&mi=10&csh=541745869;1402230080;1709765917&rnd=911717490&pcid=Y3FxKFOaQijXOw9VfulAuwAA%26549 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D541745869%3B1402230080%3B1709765917%3B201339086%26rnd%3D2058006220%26pcid%3D$UID HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=541745869;1402230080;1709765917;201339086&rnd=2058006220&pcid=2086264215600615833812 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D541745869%3B1402230080%3B1709765917%3B201339086%3B259151345%26rnd%3D-753903125%26pcid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618110e63fc8f&advId=100&advUuid=LAFXQDQC-C-2NT5&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1725065545%26pcid%3DLAFXQDQC-C-2NT5 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LAFXQDQC-C-2NT5 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D541745869%3B1402230080%3B1709765917%3B201339086%3B259151345%3B1725065545%26rnd%3D2005715089%26pcid%3D HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=541745869;1402230080;1709765917;201339086;259151345;1725065545&rnd=2005715089&pcid=94c6e74e-2aca-4fb4-8d99-f61749106516
Request Chain 436
  • https://id.rlcdn.com/711061.gif?rndcb=1852615090 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CJWzKxoNCKrixZsGEgUI6AcQAEIASgA
Request Chain 437
  • https://idsync.rlcdn.com/709771.gif?partner_uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=6965343401 HTTP 307
  • https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIquLFmwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIquLFmwYSBAgCEABCAEoA&google_gid=CAESEKfafHeDEPx95x7oYsimioQ&google_cver=1 HTTP 307
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06582603 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06582603&_expected_cookie=b993e679184cc26fe51124e047656283 HTTP 302
  • https://pippio.com/api/sync?pid=710202&it=1&iv=b993e679184cc26fe51124e047656283
Request Chain 439
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3134&partner_device_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1618718778 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dd6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3466350839015920407&pt=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
Request Chain 462
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=8432319229 HTTP 302
  • https://simage2.pubmatic.com/AdServer/8432319229
Request Chain 474
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_cm=1&google_hm=BXAxjXW7KEJhl8i3RGOaXWs&rndcb=1788121701 HTTP 302
  • https://sync.1rx.io/syncpixel/rmpssp?sub=google&rndcb=1788121701&google_gid=CAESEEUlwQW7yZ2T65FqOTMRpH0&google_cver=1
Request Chain 480
  • https://cs.krushmedia.com/bcceb9af87ecb29c4c43c11ae93b1cc9.gif?puid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&redir=[RED]&rndcb=8910937996 HTTP 302
  • https://getpublica.com/usermatch/did=70844629-3a3f-48fe-b8b8-26efd6038169KrushID=70844629-3a3f-48fe-b8b8-26efd6038169 HTTP 301
  • https://www.getpublica.com/usermatch/did=70844629-3a3f-48fe-b8b8-26efd6038169KrushID=70844629-3a3f-48fe-b8b8-26efd6038169
Request Chain 490
  • https://sync.pubwise.io/usersync/unrulydspctv/RX-70318d75-bb28-4261-97c8-b744639a5d6b-005?rndcb=8991860299 HTTP 302
  • https://sync.pubwise.io/usersync/unrulydspctv/RX-70318d75-bb28-4261-97c8-b744639a5d6b-005?zcc=1
Request Chain 501
  • https://tracker.ortb.vuukle.com/sync?id=35&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=8912618595 HTTP 302
  • https://sync.go.sonobi.com/us?https://tracker.ortb.vuukle.com/sync?id=44&uid=[UID] HTTP 302
  • https://tracker.ortb.vuukle.com/sync?id=44&uid=4a835794-74c0-4aa8-945b-26bd565a9291 HTTP 302
  • https://csync.loopme.me/?redirect=https%3A%2F%2Ftracker.ortb.vuukle.com%2Fsync%3Fid%3D43%26uid%3D%7Bdevice_id%7D%0A%26pubid%3D11486
Request Chain 506
  • https://s.ad.smaato.net/c/?dspInit=1001678&dspCookie=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=191282894 HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001678&dspCookie=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=191282894&cookieCheck=1 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=592dbee6
Request Chain 518
  • https://ums.acuityplatform.com/tum?umid=34&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Facuityadsdsp%2F%2F___AUID___%3Fzcc%3D0%26sspret%3D1&rndcb=6760432899 HTTP 302
  • https://sync.1rx.io/usersync3/acuityadsdsp//708547785164?zcc=0&sspret=1
Request Chain 519
  • https://c1.adform.net/serving/cookie/match/?party=1262&redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fadform%2F%2F__ADFUID__%3Fzcc%3D0%26sspret%3D1&rndcb=8558289307 HTTP 302
  • https://sync.1rx.io/usersync3/adform//3481187484987436450?zcc=0&sspret=1
Request Chain 520
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=566E1BC0-12FE-4859-A973-45B6C91FB046&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync%2Fadmixerdsp%2F%24%24visitor_cookie%24%24&rndcb=3414362298 HTTP 302
  • https://sync.1rx.io/usersync/admixerdsp/c1985aac076242d5a84e2abcba33ba3e
Request Chain 521
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=1422113363 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus//3466350839015920407?zcc=0&sspret=1&rndcb=1422113363
Request Chain 523
  • https://match.prod.bidr.io/cookie-sync/ro?rndcb=1069533745 HTTP 303
  • https://sync.1rx.io/usersync/beeswax/AACws07G4uIAACCR69Mn3A
Request Chain 524
  • https://ads.betweendigital.com/match?bidder_id=44126&callback_url=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fbetweenx%2F%2F%24%7BUSER_ID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=963008015 HTTP 302
  • https://sync.1rx.io/usersync3/betweenx//1dfa079c-9b83-533e-a1dd-3d9dc2ac4cba?zcc=0&sspret=1
Request Chain 525
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=7565248655 HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=646fd8ed-ac69-4a32-a122-20903ac4341c&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dadconductor%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=adconductor&user_id=AUD9M5xiNlz2VIl7_ZU90 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/646fd8ed-ac69-4a32-a122-20903ac4341c?gdpr=&gdpr_consent=
Request Chain 526
  • https://bttrack.com/pixel/cookiesync?source=f25db61a-4f72-43bf-894b-e4ad5f845495&secure=1&rndcb=2179708900 HTTP 302
  • https://sync.1rx.io/usersync/bidtellect/2fa5038f-0579-4836-b65c-1335814137e4
Request Chain 527
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=1034645985 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=1034645985 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553%26partner_url%3Dhttps%253A%252F%252Fsync.1rx.io%252Fusersync3%252Fcentro%252F%252F9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553%253Fzcc%253D0%2526sspret%253D1%2526rndcb%253D1034645985 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553&partner_url=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F%2F9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553%3Fzcc%3D0%26sspret%3D1%26rndcb%3D1034645985 HTTP 302
  • https://sync.1rx.io/usersync3/centro//9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553?zcc=0&sspret=1&rndcb=1034645985
Request Chain 529
  • https://unruly-match.dotomi.com/match/bounce/current?networkId=94316&version=1&nuid=%3CUNRULY_USERID%3E&rndcb=8040088116 HTTP 302
  • https://unruly-match.dotomi.com/match/bounce/current?DotomiTest=4bf255d7b59163d&is_secure=true&networkId=94316&version=1&nuid=%3CUNRULY_USERID%3E&rndcb=8040088116 HTTP 302
  • https://sync.1rx.io/usersync/conversant/AAAH33qDQkdOiwMAkSB8AAAAAAA?r=1&expiration=1668465321&nuid=%3CUNRULY_USERID%3E&is_secure=true&rndcb=8040088116
Request Chain 530
  • https://trc.taboola.com/sg/rhythm-ssp-network/1/rtb-h?taboola_hm=1&rndcb=2350217088 HTTP 302
  • https://match.taboola.com/sg/rhythm-ssp-network/1/rtb-h?taboola_hm=1&tbid=52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8&query=taboola_hm%3D1%26rndcb%3D2350217088&isDirect=0 HTTP 302
  • https://sync.1rx.io/usersync/convert/52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8
Request Chain 531
  • https://cm.ctnsnet.com/int/cm?exc=23&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcrimtan%2F%2F%5Buser_id%5D%3Fzcc%3D0%26sspret%3D1&rndcb=5374458337 HTTP 302
  • https://sync.1rx.io/usersync3/crimtan//d5f3e722aa17410ebce4d11d325baadd?zcc=0&sspret=1
Request Chain 533
  • https://gu.dyntrk.com/adx/ro/us.php?dynk=rh4thm0n33&callback=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fdynadmic%2F%2F%24DYNADMIC_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=4371687271 HTTP 302
  • https://gu.dyntrk.com/adx/ro/us.php?dynk=rh4thm0n33&callback=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fdynadmic%2F%2F%24DYNADMIC_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=4371687271&prevuid=05030002_637171286390e&knw=1 HTTP 302
  • https://sync.1rx.io/usersync3/dynadmic//05030002_637171286390e?zcc=0&sspret=1
Request Chain 534
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Femx%2F%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=4845929657 HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Femx%2F%2F%24EMXUID%3Fzcc%3D0%26sspret%3D1&b64_redirect=aHR0cHM6Ly9zeW5jLjFyeC5pby91c2Vyc3luYzMvZW14Ly8kRU1YVUlEP3pjYz0wJnNzcHJldD0x HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=3466350839015920407&redirect=https://sync.1rx.io/usersync3/emx//$EMXUID?zcc=0&sspret=1&b64_redirect=aHR0cHM6Ly9zeW5jLjFyeC5pby91c2Vyc3luYzMvZW14Ly8kRU1YVUlEP3pjYz0wJnNzcHJldD0x HTTP 302
  • https://sync.1rx.io/usersync3/emx//3466350839015920407brt56801668378921585499b4?zcc=0&sspret=1
Request Chain 535
  • https://ad.360yield.com/server_match?partner_id=1699&r=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fimprovedigital%2F%2F%7BPUB_USER_ID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=339836938 HTTP 302
  • https://sync.1rx.io/usersync3/improvedigital//100556db-b1b8-4709-bd17-f415fe8f25ce?zcc=0&sspret=1&rndcb=339836938
Request Chain 538
  • https://rtb.mfadsrvr.com/sync?ssp=rhythmone&ssp_user_id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5853630049 HTTP 302
  • https://sync.1rx.io/usersync/mediaforce/c090527e-c8bb-4ae7-b840-988360fce03b
Request Chain 539
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=2441417468 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest//956e6371-7129-4f00-a890-627b6b8e9ca2?zcc=0&sspret=1
Request Chain 541
  • https://pm.w55c.net/ping_match.gif?st=UNRULY&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Foneview%2F%2F_wfivefivec_%3Fzcc%3D0%26sspret%3D1&rndcb=1067785811 HTTP 302
  • https://sync.1rx.io/usersync3/oneview//HOgpAizu1OUlzq5?zcc=0&sspret=1&rndcb=1067785811
Request Chain 542
  • https://u.openx.net/w/1.0/cm?id=23f8a601-6b3c-4339-9d30-d214c4518f2b&r=https%3A%2F%2Fsync.1rx.io%2Fusersync%2Fopenx%2F&rndcb=4758713279 HTTP 302
  • https://sync.1rx.io/usersync/openx/&rndcb=4758713279f055119c-1d39-452c-9911-39dc03e06a7f
Request Chain 543
  • https://b1sync.zemanta.com/usersync/rhythmone/?cb=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Foutbrain%2F%2F__ZUID__%3Fzcc%3D0%26sspret%3D1&rndcb=1637019449 HTTP 302
  • https://stags.bluekai.com/site/23178?id=rDDwvHhuRyW6T86pUZbW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS643ZNZRS4MLSPAXGS3ZPOVZWK4TTPFXGGMZPN52XIYTSMFUW4LZPOJCEI53WJBUHKUTZK43FIOBWOBKVUYSXH5SXQY3IMFXGOZJ5OJUHS5DINVXW4ZJGONZXA4TFOQ6TCJT2MNRT2MA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS643ZNZRS4MLSPAXGS3ZPOVZWK4TTPFXGGMZPN52XIYTSMFUW4LZPOJCEI53WJBUHKUTZK43FIOBWOBKVUYSXH5SXQY3IMFXGOZJ5OJUHS5DINVXW4ZJGONZXA4TFOQ6TCJT2MNRT2MA HTTP 302
  • https://sync.1rx.io/usersync3/outbrain//rDDwvHhuRyW6T86pUZbW?sspret=1&zcc=0
Request Chain 544
  • https://px.owneriq.net/ero?redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fowneriq%2F%2F%28OIQ_id%29%3Fzcc%3D0%26sspret%3D1&rndcb=5421784261 HTTP 302
  • https://sync.1rx.io/usersync3/owneriq//Q7216653201746239856P?zcc=0&sspret=1
Request Chain 545
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159277&pu=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fpubmatic%2F%2F%23PMUID%3Fzcc%3D0%26sspret%3D1&rndcb=3961577402 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTA4NTA4RDktMTAyQy00MjgwLTg4RUUtMkQxQTI0NDY5MDcw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync3/pubmatic//A08508D9-102C-4280-88EE-2D1A24469070?zcc=0&sspret=1
Request Chain 546
  • https://bh.contextweb.com/bh/rtset?pid=560138&ev=1&daaqp=1&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fpulse%2F%2F%25%25VGUID%25%25%3Fzcc%3D0%26sspret%3D1&rndcb=2713846909 HTTP 302
  • https://sync.1rx.io/usersync3/pulse//aSpTw72oBezE?zcc=0&sspret=1
Request Chain 547
  • https://cms.quantserve.com/pixel/p-QcHdy7VcGLKJK.gif?idmatch=0&siteId=995936&rndcb=7076050353 HTTP 302
  • https://sync.1rx.io/usersync/quantcast/WoCtBluCqA5B0PkAD4K3AQ-Bqw9BiqsDXddUwVi3?gdpr=0
Request Chain 549
  • https://sync2.resetdigital.co/csync?pid=Unruly&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fresetdigital%2F%2FBUYER_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=4024651527 HTTP 302
  • https://sync.1rx.io/usersync3/resetdigital//000000D2D12A01C2?zcc=0&sspret=1
Request Chain 550
  • https://s.ad.smaato.net/c/?adExInit=u&redir=http%3A%2F%2Fsync.1rx.io%2Fusersync%2Fsmaato%2F%24UID?&rndcb=1012571224 HTTP 302
  • https://sync.1rx.io/usersync/smaato/592dbee6
Request Chain 551
  • https://sync.search.spotxchange.com/partner?adv_id=8801&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fspotx%2F%2F%24SPOTX_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=1092398762 HTTP 302
  • https://sync.1rx.io/usersync3/spotx//728114fc-63a3-11ed-aabe-12a4cdd40003?zcc=0&sspret=1
Request Chain 552
  • https://sync.srv.stackadapt.com/sync?nid=95&rndcb=2711789819 HTTP 302
  • https://sync.1rx.io/usersync/stackadapt/0-0697176f-cd14-48e3-5143-156ab4e96086$ip$104.237.193.29
Request Chain 553
  • https://cs.ffbtas.com/usnci?i=1&ec=rhy&r=https%3A%2F%2Fsync.1rx.io%2Fusersync%2Ftlvmedia%2F&rndcb=1943594523 HTTP 302
  • https://cs.ffbtas.com/ HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5 HTTP 302
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
Request Chain 554
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6867366732 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/8a252b93-28d3-40a0-bf24-181284989787
Request Chain 556
  • https://ad.turn.com/r/cs?pid=45&rndcb=5811971969 HTTP 302
  • https://sync.1rx.io/usersync/turn/3847914353920511232?dspret=1&redir=http%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzg1MjQ2ODY4%2Fmpuid%2F%5BRX_UUID%5D&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Request Chain 558
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=1471052996 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-IkVmDARE2oV1LsP1xH8cioJWuctyK7UDaPEe~A HTTP 302
  • https://sync.1rx.io/usersync/verizon/y-IkVmDARE2oV1LsP1xH8cioJWuctyK7UDaPEe~A
Request Chain 560
  • https://p.rfihub.com/cm?pub=28593&in=1&rndcb=1372478847 HTTP 302
  • https://sync.1rx.io/usersync/zeta/2810035083213440694
Request Chain 561
  • https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005?rndcb=2812035874 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005
Request Chain 566
  • https://ps.eyeota.net/match?bid=d6m4omv&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=802455777 HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=d6m4omv&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=802455777
Request Chain 568
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=541745869&pcid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5518732273 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=541745869&pcid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5518732273&ckls=true&ci=sXgo019YVb&nc=false&trid=1264891466 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D541745869%26rnd%3D-1324732179%26pcid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPhZ_nMQ43TX3hq1ZffXtr0&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7F503C195A22489792DD1D44FD930470 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=541745869&rnd=-1324732179&pcid=A08508D9-102C-4280-88EE-2D1A24469070 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D541745869%3B1402230080%26rnd%3D1349242518&pcid=$UID HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=541745869;1402230080&rnd=1349242518&pcid=3466350839015920407 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D541745869%3B1402230080%3B1709765917%26rnd%3D1386105727%26pcid%3D__UID__ HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=201339086&mi=10&csh=541745869;1402230080;1709765917&rnd=1386105727&pcid=Y3FxKFOaQijXOw9VfulAuwAA%26549 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D541745869%3B1402230080%3B1709765917%3B201339086%26rnd%3D-1566386350%26pcid%3D$UID HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=541745869;1402230080;1709765917;201339086&rnd=-1566386350&pcid=2086264215600615833812 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D541745869%3B1402230080%3B1709765917%3B201339086%3B259151345%26rnd%3D1362521289%26pcid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618110e63fc8f&advId=100&advUuid=LAFXQDQC-C-2NT5&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1725065545%26pcid%3DLAFXQDQC-C-2NT5 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LAFXQDQC-C-2NT5 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D541745869%3B1402230080%3B1709765917%3B201339086%3B259151345%3B1725065545%26rnd%3D-517808382%26pcid%3D HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=541745869;1402230080;1709765917;201339086;259151345;1725065545&rnd=-517808382&pcid=94c6e74e-2aca-4fb4-8d99-f61749106516
Request Chain 571
  • https://idsync.rlcdn.com/709771.gif?partner_uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=4191508296 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=36a57e98-abcb-4127-9685-e0c79cc347db
Request Chain 573
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3134&partner_device_id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=1697023434 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dd6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3466350839015920407&pt=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
Request Chain 576
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=turn&id=8372312124404870238 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=turn&id=8372312124404870238&s_h=1 HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=4b6d3f46-f7ff-43da-bc78-c442027ecfb5&rn=TIMESTAMP&cs_xs=2189&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1701 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1701 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/4b6d3f46-f7ff-43da-bc78-c442027ecfb5/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F HTTP 302
  • https://dmp.truoptik.com/8bf33fe57526aec8/sync.gif?fck=4b6d3f46-f7ff-43da-bc78-c442027ecfb5&dpid=1703&cbk=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx
Request Chain 577
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3057&partner_device_id=2331523891413183289 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3057&partner_device_id=2331523891413183289 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8a252b93-28d3-40a0-bf24-181284989787&ttd_puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
Request Chain 578
  • https://id5-sync.com/s/224/9.gif?puid=8372312124404870238&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/224/108/8/2.gif?puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOP6fgnmfPg3NGfc4A2QwyNlu5ww17hsA_XoYCgg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F224%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/224/124/7/3.gif?puid=100556db-b1b8-4709-bd17-f415fe8f25ce&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AACws07G4uIAACCR69Mn3A HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AACws07G4uIAACCR69Mn3A&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F1241%2F5%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/224/1241/5/5.gif?puid=FpYrdQZHtPzoiSclTbOgNJke&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F441%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/224/441/4/6.gif?puid=u_a760e794-7429-45dd-8676-745b657443c4&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/224/108/3/7.gif?puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AACws07G4uIAACCR69Mn3A HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F796%2F1%2F9.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/224/796/1/9.gif?puid=189ce4a1-43b0-4f8f-9664-1877bf46c91b&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F429%2F0%2F10.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/224/429/0/10.gif?puid=A08508D9-102C-4280-88EE-2D1A24469070&gdpr=0&gdpr_consent=
Request Chain 579
  • https://s.amazon-adsystem.com/dcm?pid=ccaeebfd-a5be-4ecd-b221-fe04680fd116&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=ccaeebfd-a5be-4ecd-b221-fe04680fd116&id=&dcc=t
Request Chain 583
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8372312124404870238&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8372312124404870238&gdpr=&gdpr_consent=&C=1
Request Chain 585
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM3MjMxMjEyNDQwNDg3MDIzOA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFE8v5aTnQx2px4GF2lss8U&google_cver=1
Request Chain 586
  • https://secure.adnxs.com/getuid?https://r.turn.com/r/bd?ddc=1&pid=54&cver=1&uid=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fr.turn.com%2Fr%2Fbd%3Fddc%3D1%26pid%3D54%26cver%3D1%26uid%3D%24UID HTTP 302
  • https://r.turn.com/r/bd?ddc=1&pid=54&cver=1&uid=3466350839015920407
Request Chain 589
  • https://x.bidswitch.net/sync?dsp_id=302&user_id=8372312124404870238&expires=7&gdpr=&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8372312124404870238&seat_key=302&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Request Chain 595
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3057&partner_device_id=2331523891413183289 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3057&partner_device_id=2331523891413183289 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8a252b93-28d3-40a0-bf24-181284989787&ttd_puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
Request Chain 596
  • https://s.amazon-adsystem.com/dcm?pid=ccaeebfd-a5be-4ecd-b221-fe04680fd116&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=ccaeebfd-a5be-4ecd-b221-fe04680fd116&id=&dcc=t
Request Chain 597
  • https://sync.1rx.io/usersync/turn/3847914353920511232?dspret=1&redir=https%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzg1MjQ2ODY4%2Fmpuid%2F%5BRX_UUID%5D&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Request Chain 599
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=turn&id=3847914353920511232 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=turn&id=3847914353920511232&s_h=1 HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=4b6d3f46-f7ff-43da-bc78-c442027ecfb5&rn=TIMESTAMP&cs_xs=2189&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1701 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1701 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/4b6d3f46-f7ff-43da-bc78-c442027ecfb5/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F HTTP 302
  • https://dmp.truoptik.com/8bf33fe57526aec8/sync.gif?fck=4b6d3f46-f7ff-43da-bc78-c442027ecfb5&dpid=1703&cbk=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx
Request Chain 600
  • https://id5-sync.com/s/224/9.gif?puid=3847914353920511232&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3847914353920511232&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F1240%2F8%2F2.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/224/1240/8/2.gif?puid=FpYrdQZHtPzoiSclTbOgNJke&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOP6fgnmfPg3NGfc4A2QwyNlu5ww17hsA_XoYCgg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F224%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/224/124/7/3.gif?puid=100556db-b1b8-4709-bd17-f415fe8f25ce&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=8a252b93-28d3-40a0-bf24-181284989787&ttl=%%TTL%% HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=8a252b93-28d3-40a0-bf24-181284989787&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F1245%2F5%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/224/1245/5/5.gif?puid=FpYrdQZHtPzoiSclTbOgNJke&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F434%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/224/434/4/6.gif?puid=4a835794-74c0-4aa8-945b-26bd565a9291&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F203%2F3%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/224/203/3/7.gif?puid=9beebe1b-2bc8-4709-8856-7fceb2e55cca&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AACws07G4uIAACCR69Mn3A HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F108%2F1%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/224/108/1/9.gif?puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F429%2F0%2F10.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/224/429/0/10.gif?puid=A08508D9-102C-4280-88EE-2D1A24469070&gdpr=0&gdpr_consent=
Request Chain 601
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg0NzkxNDM1MzkyMDUxMTIzMg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFE8v5aTnQx2px4GF2lss8U&google_cver=1
Request Chain 602
  • https://pixel.advertising.com/ups/55939/sync?uid=3847914353920511232&_origin=1&gdpr=&gdpr_consent=&us_privacy= HTTP 301
  • https://ups.analytics.yahoo.com/ups/55939/sync?uid=3847914353920511232&_origin=1&gdpr=&gdpr_consent=&us_privacy=
Request Chain 603
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3847914353920511232&dongle=d407 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4771&xuid=3847914353920511232&dongle=d407&gdpr=0&cmp_cs=&us_privacy=
Request Chain 604
  • https://ce.lijit.com/merge?pid=1&3pid=3847914353920511232 HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3847914353920511232&dnr=1
Request Chain 607
  • https://x.bidswitch.net/sync?dsp_id=302&user_id=3847914353920511232&expires=7&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=302&user_id=3847914353920511232&expires=7&gdpr=&gdpr_consent= HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=646fd8ed-ac69-4a32-a122-20903ac4341c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 610
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3847914353920511232&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537073061&val=3847914353920511232&gdpr=&gdpr_consent=&us_privacy=
Request Chain 617
  • https://px.owneriq.net/ecmg?google_gid=CAESEO-tDoWRNRjYt7h93oPkuoo&google_cver=1&google_push=ASkJ3FafXTAikMOL_E_NbAiPr2Bicq00dCtTnRVi4xheV13OPcyKGHtzqyObYek4MxkRIPku5KZNhxJ2w0OjlCmhZUlrVSpt1EJS HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dASkJ3FafXTAikMOL_E_NbAiPr2Bicq00dCtTnRVi4xheV13OPcyKGHtzqyObYek4MxkRIPku5KZNhxJ2w0OjlCmhZUlrVSpt1EJS%26google_cver%3d1%26google_gid%3dCAESEO-tDoWRNRjYt7h93oPkuoo%26google_hm%3dUTcyMTY2NTMyMDE3NDYyMzk4NTY%3d&uid=Q7216653201746239856&ref=%2Fecmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=ASkJ3FafXTAikMOL_E_NbAiPr2Bicq00dCtTnRVi4xheV13OPcyKGHtzqyObYek4MxkRIPku5KZNhxJ2w0OjlCmhZUlrVSpt1EJS&google_cver=1&google_gid=CAESEO-tDoWRNRjYt7h93oPkuoo&google_hm=UTcyMTY2NTMyMDE3NDYyMzk4NTY=
Request Chain 618
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEM1IE85dTiiWbuDcPCrNTmg&google_cver=1&google_push=ASkJ3Fb6tgO-kVgvwYgB_xUuBEIesCFRAwyxqd9b5i3xLU2rv5UOKL-9cNiIhNd-amf6qeuvuI7vDjPeKWte1W4wXQbxsEDRFnrS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb6tgO-kVgvwYgB_xUuBEIesCFRAwyxqd9b5i3xLU2rv5UOKL-9cNiIhNd-amf6qeuvuI7vDjPeKWte1W4wXQbxsEDRFnrS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM1IE85dTiiWbuDcPCrNTmg&google_cver=1&google_push=ASkJ3Fb6tgO-kVgvwYgB_xUuBEIesCFRAwyxqd9b5i3xLU2rv5UOKL-9cNiIhNd-amf6qeuvuI7vDjPeKWte1W4wXQbxsEDRFnrS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb6tgO-kVgvwYgB_xUuBEIesCFRAwyxqd9b5i3xLU2rv5UOKL-9cNiIhNd-amf6qeuvuI7vDjPeKWte1W4wXQbxsEDRFnrS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 619
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMjRLLNgah97MqRFAUurvfc&google_cver=1&google_push=ASkJ3FapLuDdXu0Rg0CaOjb922Ql27iMIcALHPEQfaM58JFS0ROicvRSXrXIcCs-f3UAcoRdNiO8HyJfd7bLTj5Yoo_Y9q4YF84 HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMjRLLNgah97MqRFAUurvfc&google_cver=1&google_push=ASkJ3FapLuDdXu0Rg0CaOjb922Ql27iMIcALHPEQfaM58JFS0ROicvRSXrXIcCs-f3UAcoRdNiO8HyJfd7bLTj5Yoo_Y9q4YF84&prevuid=05030002_637171286390e&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=ASkJ3FapLuDdXu0Rg0CaOjb922Ql27iMIcALHPEQfaM58JFS0ROicvRSXrXIcCs-f3UAcoRdNiO8HyJfd7bLTj5Yoo_Y9q4YF84&google_hm=MDUwMzAwMDJfNjM3MTcxMjg2MzkwZQ%3D%3D
Request Chain 620
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMsSd_bJl1_tk_dcRzVJlEg&google_cver=1&google_push=ASkJ3FbmSsD7xt4CPJL-HhpfMKkHGccInsNyrwUuAPR0AApQmtvb7QEMn-GmwyJEh-SQNNQFOTwtDN8R80q00tGW-j9n-XoSRl8i HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FbmSsD7xt4CPJL-HhpfMKkHGccInsNyrwUuAPR0AApQmtvb7QEMn-GmwyJEh-SQNNQFOTwtDN8R80q00tGW-j9n-XoSRl8i&google_hm=NDU2MDcwMTM2MjA4ODA4MDE5Ng%3D%3D
Request Chain 621
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEN9ixVPdn3QKzh2n6rQ1D04&google_cver=1&google_push=ASkJ3FZXqGc0EgfaOhmXIJrUbb1G3Ffw302_RdvayPvK7_xdNXbBDRUdPvg2Spu1Zgk5RW-pis_IuN5fhhRCZfakWtRxSg8vrT3s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZXqGc0EgfaOhmXIJrUbb1G3Ffw302_RdvayPvK7_xdNXbBDRUdPvg2Spu1Zgk5RW-pis_IuN5fhhRCZfakWtRxSg8vrT3s&google_hm=a5e90b5145ad4e46c202793b4d6b11a3
Request Chain 622
  • https://sync.inmobi.com/gob?google_gid=CAESEKMfqj-V_RNMdLsaZ8LuKz8&google_cver=1&google_push=ASkJ3FZv_ntxKWyhSWFc_bLANfOlfdiR8icglgUeuZG_QAB5Pfc4TfeYNrC8FPTp6PJAAJhlOEjRS4hEZbWARRINRCO2tQj8LN25fg HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FZv_ntxKWyhSWFc_bLANfOlfdiR8icglgUeuZG_QAB5Pfc4TfeYNrC8FPTp6PJAAJhlOEjRS4hEZbWARRINRCO2tQj8LN25fg HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOP6fgnmfPg3NGfc4A2QwyNlu5ww17hsA_XoYCgg&google_push=ASkJ3FZv_ntxKWyhSWFc_bLANfOlfdiR8icglgUeuZG_QAB5Pfc4TfeYNrC8FPTp6PJAAJhlOEjRS4hEZbWARRINRCO2tQj8LN25fg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=hkB8J0qxD17FNSWKmpTy&google_push=ASkJ3FZv_ntxKWyhSWFc_bLANfOlfdiR8icglgUeuZG_QAB5Pfc4TfeYNrC8FPTp6PJAAJhlOEjRS4hEZbWARRINRCO2tQj8LN25fg&google_nid=inmobi_new_eb
Request Chain 623
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FZduUKGPEKdrXBmSGtvsW6By9jeoPpDjOxlNgrRGqrauyw5vpLf76yFWWMcz_UTa_k_deipoU7Lb3AlssOT1bmWbafpz-G_dw?google_gid=CAESEGYKZq6aVACaJ7ZNdGnMcl0&google_cver=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FZduUKGPEKdrXBmSGtvsW6By9jeoPpDjOxlNgrRGqrauyw5vpLf76yFWWMcz_UTa_k_deipoU7Lb3AlssOT1bmWbafpz-G_dw?google_gid=CAESEGYKZq6aVACaJ7ZNdGnMcl0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=08f8f50f-06db-4e9c-ab8a-cbe1b4e9ff6e&&google_push=ASkJ3FZduUKGPEKdrXBmSGtvsW6By9jeoPpDjOxlNgrRGqrauyw5vpLf76yFWWMcz_UTa_k_deipoU7Lb3AlssOT1bmWbafpz-G_dw
Request Chain 628
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFE8v5aTnQx2px4GF2lss8U&google_cver=1&google_push=ASkJ3FYKx9dRo0CF87nWTeW2WLCnaRQ-W2SeZGt78X3tmFcwWZprDeU-B3RJRieYgLcgEq32dJT7F_M7EENPD9nbKy6bkhwPgY8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg0NzkxNDM1MzkyMDUxMTIzMg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFE8v5aTnQx2px4GF2lss8U&google_cver=1
Request Chain 629
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBXhlc9_Sm9FqbPVLcjRzgw&google_cver=1&google_push=ASkJ3Fb7bczdWW5RQBfrYBscqfSHCUd6rX_arq5jPArc-sVfvV-NH9Zck1-1totfO_phKjs8DyBBasjN-0AZ_bNNuXUg5udBW_Y HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBXhlc9_Sm9FqbPVLcjRzgw&google_cver=1&google_push=ASkJ3Fb7bczdWW5RQBfrYBscqfSHCUd6rX_arq5jPArc-sVfvV-NH9Zck1-1totfO_phKjs8DyBBasjN-0AZ_bNNuXUg5udBW_Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SE9ncEFpenUxT1VsenE1&google_gid=CAESEBXhlc9_Sm9FqbPVLcjRzgw&google_cver=1&google_push=ASkJ3Fb7bczdWW5RQBfrYBscqfSHCUd6rX_arq5jPArc-sVfvV-NH9Zck1-1totfO_phKjs8DyBBasjN-0AZ_bNNuXUg5udBW_Y
Request Chain 630
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEH1wm2dfdSr3lHhW1CAYeuo&google_cver=1&google_push=ASkJ3FYFnn_ryfBzICZKJdaRuIckQFYED4q-gVZfFvHa1Zdi7u8m_ko0CzeEhzHskjBTmoEjInxWl91GTrkb3R2FpmHrDNkGEQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTM3NDc0MmItZGQ0Ni00YzU1LTg5NmMtZWFhYjY1ODdjYzc3&google_gid=CAESEH1wm2dfdSr3lHhW1CAYeuo&google_cver=1&google_push=ASkJ3FYFnn_ryfBzICZKJdaRuIckQFYED4q-gVZfFvHa1Zdi7u8m_ko0CzeEhzHskjBTmoEjInxWl91GTrkb3R2FpmHrDNkGEQ
Request Chain 631
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL4wMWdNzfnBLXfPj2g-TTQ&google_cver=1&google_push=ASkJ3FaU8oD-ZlKzKf0MKvV87epCNOw6Bf-atsucQnkPzp_HiTYzqda6tp7oL01SXIzBABUixoa9UROdbwENa95qp5JRnx9eMeQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWFFEUkwtMjUtNU1VMw==&google_push=ASkJ3FaU8oD-ZlKzKf0MKvV87epCNOw6Bf-atsucQnkPzp_HiTYzqda6tp7oL01SXIzBABUixoa9UROdbwENa95qp5JRnx9eMeQ
Request Chain 632
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEFjSa2A6ZrEZzeSgC1ngGQw&google_cver=1&google_push=ASkJ3FZEjRoREnxIDq70Ag5mqQZL6os0SR5Lzf7x2CDZitUUXluMzCi4jm7aM4CRvNu8paA8c1CUfTLt048TkptNipVOyQM-UkQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=OTE3ZWNhMjRlZDc2NDEzZmJhZTY3OThhN2ZjZDk1YWY%3D&UIDF=CAESEFjSa2A6ZrEZzeSgC1ngGQw&google_cver=1&google_push=ASkJ3FZEjRoREnxIDq70Ag5mqQZL6os0SR5Lzf7x2CDZitUUXluMzCi4jm7aM4CRvNu8paA8c1CUfTLt048TkptNipVOyQM-UkQ
Request Chain 634
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEN9ixVPdn3QKzh2n6rQ1D04&google_cver=1&google_push=ASkJ3Fb4983c7wBulcjh934Z9hu93rKOwET9C_qTli5uzcprMbMlG6jNAppC9DhLMP0iN_qqMW015722DY1hifqRj-k2zQBgg-k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fb4983c7wBulcjh934Z9hu93rKOwET9C_qTli5uzcprMbMlG6jNAppC9DhLMP0iN_qqMW015722DY1hifqRj-k2zQBgg-k&google_hm=7ef9d2a7fc00ab515a00594b4f3081f5
Request Chain 642
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dl3n5dysDEcXSBX_eVAfUw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4560701362088080196
Request Chain 643
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMq15KmLYfTlBYVOLTCPFnc&google_cver=1
Request Chain 644
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8a252b93-28d3-40a0-bf24-181284989787&gdpr=0&gdpr_consent=&expires=30
Request Chain 645
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWFFEUUMtQy0yTlQ1
Request Chain 647
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAFXQDQC-C-2NT5
Request Chain 648
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGJiYTVjNDMwODMyN2ZhNTdlM2U0NTM1OTczNjY5YTQxOTRjZWJlYw
Request Chain 649
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=v2Rs9fznT9eTdxrXZxiJVg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=v2Rs9fznT9eTdxrXZxiJVg
Request Chain 650
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=646fd8ed-ac69-4a32-a122-20903ac4341c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=f386c6ab-198b-452b-bd0c-27ae9f8829c7&ssp=themediagrid&bsw_param=646fd8ed-ac69-4a32-a122-20903ac4341c
Request Chain 651
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=754850&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACws07G4uIAACCR69Mn3A&expiration=1669588520
Request Chain 652
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx HTTP 302
  • https://cs.media.net/cksync.html?cs=8&type=opxab4f6861-cd8c-4da7-aab3-1e5a17b7b4df
Request Chain 653
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1643770926 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=646fd8ed-ac69-4a32-a122-20903ac4341c&google_hm=NjQ2ZmQ4ZWQtYWM2OS00YTMyLWExMjItMjA5MDNhYzQzNDFj HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFoxHLyc80ZTfDjrYLBlits&google_cver=1&ssp=adconductor&bsw_param=646fd8ed-ac69-4a32-a122-20903ac4341c HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/646fd8ed-ac69-4a32-a122-20903ac4341c?gdpr=&gdpr_consent= HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Request Chain 654
  • https://onetag-sys.com/usync/?tag=img HTTP 302
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=2810035083213440694&expires=30&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=646fd8ed-ac69-4a32-a122-20903ac4341c&gdpr=&gdpr_consent=&us_privacy=

667 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
tryyourfirst.icu/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tryyourfirst.icu/
Protocol
HTTP/1.1
Server
72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 13 Nov 2022 22:35:14 GMT
Keep-Alive
timeout=5, max=97
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
bouncy.php
tryyourfirst.icu/page/ 		706 B
990 B 		Document
General
Check archive.org
Download Go to
Full URL
http://tryyourfirst.icu/page/bouncy.php?&bpae=GbhOd60molx7j3N1PAspr%2FEr%2FXOPd34nwjXzR%2BPpskfBNh4cqXl617Elrp%2F%2Bo%2Fy5PlXGTT1wvzP43mEuvVUlaxC2EkH%2BSvjPK%2FMj0epEDjabLA9GomcTqEYtdo3JMSp2P2kYmbVLvARbychz03JFDUeT44XUh6taplUWWdHoXpG4qKBYX00dZRHdtJrY%2BpY1Wye6Z2zwQcyN6HNWMG2sjwfwgR6Ue7%2FTkKugjN7qD%2B8P%2FbNRW4q7wzNvQB85m7qo56SzzDN93tyd0FGIEr%2FwvVWkXjRA4%2FR8ZGZGvzZScm7s3jPGyUg6gTatbID%2FedU89t5pB63JTvKEU3pRpy%2FXfZ%2Bvc6ZvjDRYRnedrdmByozFwo0saRkKGUnV7ltxHbs6W7grPECJaNB218dS3tMi067ClQ%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: tryyourfirst.icu
URL: http://tryyourfirst.icu/
Protocol
HTTP/1.1
Server
72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Referer
http://tryyourfirst.icu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 13 Nov 2022 22:35:14 GMT
Keep-Alive
timeout=5, max=96
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
Primary Request /
simcast.com/ 		37 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Requested by
Host: tryyourfirst.icu
URL: http://tryyourfirst.icu/page/bouncy.php?&bpae=GbhOd60molx7j3N1PAspr%2FEr%2FXOPd34nwjXzR%2BPpskfBNh4cqXl617Elrp%2F%2Bo%2Fy5PlXGTT1wvzP43mEuvVUlaxC2EkH%2BSvjPK%2FMj0epEDjabLA9GomcTqEYtdo3JMSp2P2kYmbVLvARbychz03JFDUeT44XUh6taplUWWdHoXpG4qKBYX00dZRHdtJrY%2BpY1Wye6Z2zwQcyN6HNWMG2sjwfwgR6Ue7%2FTkKugjN7qD%2B8P%2FbNRW4q7wzNvQB85m7qo56SzzDN93tyd0FGIEr%2FwvVWkXjRA4%2FR8ZGZGvzZScm7s3jPGyUg6gTatbID%2FedU89t5pB63JTvKEU3pRpy%2FXfZ%2Bvc6ZvjDRYRnedrdmByozFwo0saRkKGUnV7ltxHbs6W7grPECJaNB218dS3tMi067ClQ%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
4438d606bdbb746df876d21be6d13ef73f26fec9f2f21404f14d50bf7bff5f40

Request headers

Referer
http://tryyourfirst.icu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-encoding
gzip
content-length
6904
content-type
text/html; charset=UTF-8
date
Sun, 13 Nov 2022 22:35:15 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.38 (Debian)
upgrade
h2
vary
Accept-Encoding
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15851"
vary
Accept-Encoding
x-hw
1668378915.dop005.ch4.t,1668378915.cds223.ch4.hn,1668378915.cds190.ch4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
html.css
simcast.com/templates/simcast/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/css/html.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 00:43:56 GMT
server
Apache/2.4.38 (Debian)
etag
"5101-5d2abe6bdeb00-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
4273
all.min.css
simcast.com/lib/fontawesome-5.9.0/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 21:31:18 GMT
server
Apache/2.4.38 (Debian)
etag
"daa3-5d2a935d4d580-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
12209
lib.js
simcast.com/templates/simcast/js/ 		856 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simcast.com/templates/simcast/js/lib.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 03:31:19 GMT
server
Apache/2.4.38 (Debian)
etag
"358-5d39fa3726fc0-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
application/javascript
connection
Upgrade
accept-ranges
bytes
content-length
459
aaw.smc.js
cdn.adapex.io/hb/ 		531 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adapex.io/hb/aaw.smc.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4710d2d86157e62fa6527c9a689b0130c0798dd3e163cb993ffd90af9e42ab8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18819
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 07 Nov 2022 17:19:23 GMT
server
cloudflare
etag
W/"63693e1b-84c10"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIbYB7YGPEeI4Elv5KYa%2Fqkur5AvA4KhaBOPV3WZbfZI6%2Fw4QRSS8gaVgh9c6mqdWzfTniUuWiaMzxChgUXvAI0rzWv%2B7ry%2FLfykUZMSuZZB9neytxOO6seff60pWyxwiJHxjiMVOMTLCAw5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
769afabebfbe61d4-ORD
expires
Mon, 14 Nov 2022 17:20:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		166 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fb70b74ab8085fab0dfea5fde3fa7c8ec341e844cbca901b6ba5c464defcdb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55079
x-xss-protection
0
server
cafe
etag
12398447355056780216
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 13 Nov 2022 22:35:15 GMT
simcastlogo_35y.png
simcast.com/templates/simcast/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/templates/simcast/images/simcastlogo_35y.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
last-modified
Thu, 09 Dec 2021 00:46:50 GMT
server
Apache/2.4.38 (Debian)
etag
"527-5d2abf11cf280"
upgrade
h2
content-type
image/png
connection
Upgrade
accept-ranges
bytes
content-length
1319
enhance.js
parking2.parklogic.com/page/ 		566 B
851 B 		Script
General
Check archive.org
Download Go to
Full URL
https://parking2.parklogic.com/page/enhance.js?pcId=56&domain=tryyourfirst.icu
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c02::f03c:91ff:fee2:5b0f Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
0a01c8b9d366f968427a3dfc1196a9c2c66d0e78b8b53a784d4754b484e69313

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:15 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
Connection
Keep-Alive
X-Powered-By
PHP/5.5.38
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3467405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwwSfjtCA1pcEwqghpyFWiQvAlOf7MnbKCPs8BZia%2Bq9lF9TE527bNn8XEZeL1hRLHDt%2FAxCSH%2BrScOKGO6Nmbf3RMq6bf%2B%2B70p0XJa9%2BpX%2FuvhKbbkH2ntim4G9g87lpFVqOTLAgmQQ8lNViPMGrfop"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
769afabfdb6e2c17-ORD
expires
Fri, 03 Nov 2023 22:35:15 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3388551
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1541
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SFCN3TzZgdboSe7KkgDWfFN8pE24iWh%2F80%2FGJGy6AQygobUe3X8Z3SVaZGK9D5Btr29IBmj5JKqa1yEEW%2FcB4FAYLAUIyD3fXlx1wpIkAzxTRJJ4Lnqh%2BHtGpV249IWNoLWYD8B%2F0692fUe5LflxtNn"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
769afabfdb702c17-ORD
expires
Fri, 03 Nov 2023 22:35:15 GMT
modal.css
simcast.com/widgets/modal/ 		992 B
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/modal/modal.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:56 GMT
server
Apache/2.4.38 (Debian)
etag
"3e0-5d2ab305a0600-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
352
embedcode.js
embed.sendtonews.com/player3/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player3/embedcode.js?fk=eKVKXbhX&cid=12018&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.93.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-93-42.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b880d02548134c2dd63b551c0f101a77d75b8c254a9ca9f6d940d4216a9d09

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-length
3101
expires
Sun, 13 Nov 2022 23:35:15 GMT
AAQQBw5.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAQQBw5.img?h=100&w=100&x=320&y=212.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
57f955f526870cd27af21b834d7a83a45caca6b06e3315bbcf5a7c9c39edf27a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Thu, 10 Nov 2022 06:30:05 GMT
x-resizerversion
1.0
x-datacenter
westus
x-source-length
97684
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=114972
x-activityid
7ed62132-ee61-4412-b4e7-503eeb6cb6be
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AAQQBw5?h=100&w=100&x=320&y=212.5&m=5
content-length
4223
expires
Tue, 15 Nov 2022 06:31:28 GMT
BBtGWHM.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBtGWHM.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2c019c7290ad55d7a266c07d630c6520457c09a2cb12813167ad678c6de59e6c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Fri, 07 Oct 2022 08:45:58 GMT
x-resizerversion
1.0
x-source-length
1033
x-datacenter
northeu
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=296131
x-activityid
7ab6b5fb-c236-4243-88f1-b12a735dd959
content-location
https://img.s-msn.com/tenant/amp/entityid/BBtGWHM
timing-allow-origin
*
content-length
1033
expires
Thu, 17 Nov 2022 08:50:47 GMT
AA13RDqo.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13RDqo.img?h=100&w=100&x=960&y=640&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1c2f75b7f306722dfc7eb1e00dbf5c7e39f5fe4c43c419bba891153328962050
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Sun, 13 Nov 2022 11:11:24 GMT
x-resizerversion
1.0
x-datacenter
westus
x-source-length
576145
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=390982
x-activityid
f62a3f34-2a88-447e-836d-129de7c146ae
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13RDqo?h=100&w=100&x=960&y=640&m=5
content-length
5085
expires
Fri, 18 Nov 2022 11:11:38 GMT
BB1gJOWA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1gJOWA.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0d46a234da7737f3111cb9932329494743fe72b3ddd0a0539c6505f036fcc6b5
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Tue, 08 Nov 2022 17:56:59 GMT
x-resizerversion
1.0
x-datacenter
eastus
x-source-length
4652
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=372145
x-activityid
baa651e3-a1e4-4e74-b9ab-8500ba1e4001
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/BB1gJOWA
content-length
4652
expires
Fri, 18 Nov 2022 05:57:41 GMT
AA13OJ4U.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13OJ4U.img?h=100&w=100&x=960&y=640&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
60e2902731f7f783e9d3399969fd86d82a495a9aea58004687b4393018ad968e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Sun, 13 Nov 2022 09:11:50 GMT
x-resizerversion
1.0
x-source-length
541235
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=383826
x-activityid
2b07dae1-6c9b-44fe-b60a-bf7763f7cc24
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13OJ4U?h=100&w=100&x=960&y=640&m=5
timing-allow-origin
*
content-length
4659
expires
Fri, 18 Nov 2022 09:12:22 GMT
AA13OIjk.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13OIjk.img?h=100&w=100&x=960&y=640&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f777b70b306d0091e19d2f0500fee8609589088a3b85cf4997ebbd02da355349
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Sun, 13 Nov 2022 12:14:12 GMT
x-resizerversion
1.0
x-datacenter
eastus
x-source-length
303383
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=394715
x-activityid
a127f679-46a9-4aea-84b5-8c4605060b20
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13OIjk?h=100&w=100&x=960&y=640&m=5
content-length
2658
expires
Fri, 18 Nov 2022 12:13:51 GMT
AA144jeG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA144jeG.img?h=100&w=100&x=297&y=232&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
71520d28eca85e7836e16ac98152bdf53f7f3ef207f0a25b450960e1586502da
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Sun, 13 Nov 2022 22:26:45 GMT
x-resizerversion
1.0
x-source-length
163708
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431557
x-activityid
d1dac6d4-8f79-4602-8563-55f874d60684
content-location
https://img.s-msn.com/tenant/amp/entityid/AA144jeG?h=100&w=100&x=297&y=232&m=5
timing-allow-origin
*
content-length
3351
expires
Fri, 18 Nov 2022 22:27:53 GMT
AAZxNEQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAZxNEQ.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c36b342dc5dfa81113b4d5f2595c36433b03d12abbb60d7b13b19df1ec03649f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Tue, 08 Nov 2022 10:08:13 GMT
x-resizerversion
1.0
x-datacenter
northeu
x-source-length
7299
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=343913
x-activityid
30cd47af-fd7f-4f55-8f5b-eb10f9c3acb6
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AAZxNEQ
content-length
7299
expires
Thu, 17 Nov 2022 22:07:09 GMT
AA13RxWq.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13RxWq.img?h=500&w=1000&x=960&y=640&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2f37d27511110baa889a910f08011ef9b6021f85d33026448f7e0486dca03d02
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Sun, 13 Nov 2022 10:12:10 GMT
x-resizerversion
1.0
x-source-length
559098
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=387385
x-activityid
a3ac570d-6bbc-429a-b9e6-3bc6593ffdf5
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13RxWq?h=500&w=1000&x=960&y=640&m=2
timing-allow-origin
*
content-length
119211
expires
Fri, 18 Nov 2022 10:11:41 GMT
AA144fXh.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA144fXh.img?h=70&w=95&x=575.5&y=340.5&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
637a7b98d9279b40d38390d0c5f1e1c76e9582c57605418063a5164704df7a35
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Sun, 13 Nov 2022 22:10:28 GMT
x-resizerversion
1.0
x-source-length
37490
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430481
x-activityid
bcb4e9be-2601-4794-bc23-7f45e8fd0108
content-location
https://img.s-msn.com/tenant/amp/entityid/AA144fXh?h=70&w=95&x=575.5&y=340.5&m=5
timing-allow-origin
*
content-length
1737
expires
Fri, 18 Nov 2022 22:09:57 GMT
AAykw7c.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAykw7c.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d3aff6b5aee10df68949c4c462537d872a5ba2bfc3ae88b65b3114a43b745e78
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Thu, 20 Oct 2022 02:51:08 GMT
x-resizerversion
1.0
x-source-length
18737
x-datacenter
westus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=231841
x-activityid
4a6c3d02-9e62-4964-84a5-70dc44ea7e19
content-location
https://img.s-msn.com/tenant/amp/entityid/AAykw7c
timing-allow-origin
*
content-length
18737
expires
Wed, 16 Nov 2022 14:59:17 GMT
AA13ZKZQ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13ZKZQ.img?h=70&w=95&x=960&y=640&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b79352c309e81605adb0327eda4adc44a8526845e565b49682542ea4db53feaa
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Fri, 11 Nov 2022 10:27:07 GMT
x-resizerversion
1.0
x-source-length
235474
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=215479
x-activityid
72fb3667-aa32-4c55-a445-318d59d05b61
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13ZKZQ?h=70&w=95&x=960&y=640&m=5
timing-allow-origin
*
content-length
2735
expires
Wed, 16 Nov 2022 10:26:35 GMT
AAOqYb2.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAOqYb2.img?h=70&w=95&x=47&y=35&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7be4ab69827ee2259c5b6ed28fd69c3b759eaeecaa875a7c24ba443990a45489
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Thu, 10 Nov 2022 10:42:01 GMT
x-resizerversion
1.0
x-source-length
59184
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=130060
x-activityid
d681998f-19db-458b-b7b1-6a7afd367ef9
content-location
https://img.s-msn.com/tenant/amp/entityid/AAOqYb2?h=70&w=95&x=47&y=35&m=5
timing-allow-origin
*
content-length
2686
expires
Tue, 15 Nov 2022 10:42:56 GMT
AA5Y0fM.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		338 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA5Y0fM.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22f904a3947eab1b1ffca811baa6ca5c218ea53a4b38a86403e93caa2e8a17c6
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Sun, 23 Oct 2022 19:44:02 GMT
x-resizerversion
1.0
x-datacenter
westus
x-source-length
338
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=162646
x-activityid
afc5e5ad-2ebc-4fcd-bfed-fae3eab54e88
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AA5Y0fM
content-length
338
expires
Tue, 15 Nov 2022 19:46:02 GMT
AA13RDqo.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13RDqo.img?h=70&w=95&x=960&y=640&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3418fe28e64ee09a246edf387b1204376cb82c1ee8cbd3668c68492cac7c56ae
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Sun, 13 Nov 2022 11:11:25 GMT
x-resizerversion
1.0
x-datacenter
westus
x-source-length
576145
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=390939
x-activityid
d4d69d78-b858-4edc-8ead-de03362337b7
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13RDqo?h=70&w=95&x=960&y=640&m=5
content-length
3399
expires
Fri, 18 Nov 2022 11:10:55 GMT
5.jpg
simcast.com/images/clipart/news/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/clipart/news/5.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
84498164a91e08f53e2ea5e8240452b0871643a928278b94b94f7793ac3ecc9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
last-modified
Thu, 09 Dec 2021 00:11:44 GMT
server
Apache/2.4.38 (Debian)
etag
"2f23-5d2ab7395f000"
upgrade
h2
content-type
image/jpeg
connection
Upgrade
accept-ranges
bytes
content-length
12067
AAYN4OK.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAYN4OK.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
534719b8cf4fd27180bf905d09e9117f514674e2c2aa1991465b742148f2583f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Sat, 05 Nov 2022 17:29:33 GMT
x-resizerversion
1.0
x-source-length
7324
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=112307
x-activityid
f22b57e3-ea8d-4af6-8be9-ffdec2741472
content-location
https://img.s-msn.com/tenant/amp/entityid/AAYN4OK
timing-allow-origin
*
content-length
7324
expires
Tue, 15 Nov 2022 05:47:03 GMT
AA1404Ji.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1404Ji.img?h=70&w=95&x=960&y=640&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7dc9c62dc86720546c13355156990a1a9713dc0e1dcd45fc8c6b291d150afdac
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Fri, 11 Nov 2022 14:12:09 GMT
x-resizerversion
1.0
x-source-length
309758
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=229033
x-activityid
c0f616b7-9264-42eb-aed0-0a33e9d54e4c
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1404Ji?h=70&w=95&x=960&y=640&m=5
timing-allow-origin
*
content-length
2687
expires
Wed, 16 Nov 2022 14:12:29 GMT
AA1445rM.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1445rM.img?h=70&w=95&x=509&y=220&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ba889554944d5cf767de8d6c1f22a3147554ecc0f1f5f01815f0bc8d59dd020f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Sun, 13 Nov 2022 21:28:16 GMT
x-resizerversion
1.0
x-source-length
50700
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427952
x-activityid
1511633e-0517-458b-ae46-ebaa9b15b303
content-location
https://img.s-msn.com/tenant/amp/entityid/AA1445rM?h=70&w=95&x=509&y=220&m=5
timing-allow-origin
*
content-length
2131
expires
Fri, 18 Nov 2022 21:27:48 GMT
AAg0OiN.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAg0OiN.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
51ad6f27771508eacc67edc60db023c35efb5d62c222b8f73585595b47bc30c0
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Fri, 07 Oct 2022 08:19:43 GMT
x-resizerversion
1.0
x-source-length
18952
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=294648
x-activityid
f4656239-f314-4ae2-9a7e-fb9014350ad7
content-location
https://img.s-msn.com/tenant/amp/entityid/AAg0OiN
timing-allow-origin
*
content-length
18952
expires
Thu, 17 Nov 2022 08:26:04 GMT
AA13xOJg.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13xOJg.img?h=70&w=95&x=599.5&y=314&m=5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a2251445800c16c7e42d5376ae91a92cba0e12a16bb898248afe80e148534566
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Sun, 13 Nov 2022 22:08:10 GMT
x-resizerversion
1.0
x-source-length
184423
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430411
x-activityid
920badac-f441-4af5-8258-05dd5f194162
content-location
https://img.s-msn.com/tenant/amp/entityid/AA13xOJg?h=70&w=95&x=599.5&y=314&m=5
timing-allow-origin
*
content-length
3203
expires
Fri, 18 Nov 2022 22:08:47 GMT
AAPz0zo.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPz0zo.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2bcb4ec208c3cc7c69900e60c4f00ceb8f8ba574e82ffb816e43eb68323180d5
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Wed, 02 Nov 2022 02:20:00 GMT
x-resizerversion
1.0
x-datacenter
eastus
x-source-length
2421
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=187450
x-activityid
3a9d75f2-1a7f-40c8-b5f9-b13aee2cdba2
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AAPz0zo
content-length
2421
expires
Wed, 16 Nov 2022 02:39:26 GMT
2.jpg
simcast.com/images/clipart/news/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simcast.com/images/clipart/news/2.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
d858e75f5a2828ab957722c99898bd7fa251bfdcbf7ce2385317d893adad7423

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Thu, 09 Dec 2021 00:11:41 GMT
server
Apache/2.4.38 (Debian)
etag
"23c5-5d2ab73682940"
upgrade
h2
content-type
image/jpeg
connection
Upgrade
accept-ranges
bytes
content-length
9157
AAXLCIG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAXLCIG.img
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dc64567aaff7a39ca8a68eef15bcf701c4758749bebc51dd626b82130bd71285
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Mon, 31 Oct 2022 02:13:35 GMT
x-resizerversion
1.0
x-datacenter
eastus
x-source-length
8519
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=405662
x-activityid
d4d0b10b-c0a1-4394-858e-26305df7e2e3
timing-allow-origin
*
content-location
https://img.s-msn.com/tenant/amp/entityid/AAXLCIG
content-length
8519
expires
Fri, 18 Nov 2022 15:16:18 GMT
AA144qcb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA144qcb.img?h=300&w=400&x=354.5&y=196.5&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
df70f2306a38c6fb600b5e3cee8f455c276a80bc1b26c65dee42c6fed844b46d
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Sun, 13 Nov 2022 22:02:17 GMT
x-resizerversion
1.0
x-source-length
45466
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430083
x-activityid
fb996c3f-a18d-4e2d-a48a-33d5427d316f
content-location
https://img.s-msn.com/tenant/amp/entityid/AA144qcb?h=300&w=400&x=354.5&y=196.5&m=2
timing-allow-origin
*
content-length
22877
expires
Fri, 18 Nov 2022 22:03:19 GMT
AA144fYv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA144fYv.img?h=300&w=400&x=640&y=289.5&m=2
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:1400:d::173c:60b0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d43431d1328d7247adb0c92cde735d0c3267848151ed0efae2b39047e6c5e143
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Sun, 13 Nov 2022 21:47:10 GMT
x-resizerversion
1.0
x-source-length
135783
x-datacenter
westus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429123
x-activityid
2daa0efc-f279-4d37-9c0d-dbe4b213c01d
content-location
https://img.s-msn.com/tenant/amp/entityid/AA144fYv?h=300&w=400&x=640&y=289.5&m=2
timing-allow-origin
*
content-length
38049
expires
Fri, 18 Nov 2022 21:47:19 GMT
gdpr.css
simcast.com/widgets/gdpr/ 		799 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/gdpr/gdpr.css
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 23:52:06 GMT
server
Apache/2.4.38 (Debian)
etag
"31f-5d2ab2d5f1580-gzip"
vary
Accept-Encoding
upgrade
h2
content-type
text/css
connection
Upgrade
accept-ranges
bytes
content-length
351
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a868e245bcde2342e3a8f8f225c460b9efa568753b43a41190356f447137e14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43679
x-xss-protection
0
last-modified
Sun, 13 Nov 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 13 Nov 2022 22:35:16 GMT
/
cat.hbwrapper.com/ 		15 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cat.hbwrapper.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Sun, 13 Nov 2022 22:35:15 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/ 		303 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6b74c229aa6bbdfcb4b4e9894bf476586cc59f7bdc7f0564fe7a1199b356a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
769afabfda292bb7-ORD
expires
Thu, 01 Jan 1970 00:00:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127016c709270af117ec2c509d797e76a3a49f6cc2c0800b8f6480e35b784f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27293
x-xss-protection
0
server
sffe
etag
"1391 / 538 of 1000 / last-modified: 1668208008"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Nov 2022 22:35:15 GMT
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Sun, 13 Nov 2022 22:35:15 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
743D5S71E0MEGSKQ
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
nI4FuSQBY0U6JH5fxrXH+rh/o/wXy6F19yqbMStYic63wpfhUH9EmtHE6zt+2G8wCbGryHiHA3s=
fa-solid-900.woff2
simcast.com/lib/fontawesome-5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://simcast.com/lib/fontawesome-5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: simcast.com
URL: https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer
https://simcast.com/lib/fontawesome-5.9.0/css/all.min.css
Origin
https://simcast.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
last-modified
Wed, 08 Dec 2021 21:32:06 GMT
server
Apache/2.4.38 (Debian)
etag
"126b0-5d2a938b14180"
upgrade
h2
content-type
font/woff2
connection
Upgrade
accept-ranges
bytes
content-length
75440
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/20221108/ 		667 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Requested by
Host: tryyourfirst.icu
URL: http://tryyourfirst.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.93.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-93-42.compute-1.amazonaws.com
Software
Apache /
Resource Hash
fd241ff93ad738963d4edc9838e8e3054839a981a6906f26f39dcb27cde4bef9

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
gzip
last-modified
Tue, 08 Nov 2022 21:35:52 GMT
server
Apache
etag
"a6b2e-5ecfc53005e00-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Sun, 13 Nov 2022 23:35:16 GMT
pubads_impl_2022110801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 11:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131898
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 09:38:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Nov 2023 11:53:19 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		113 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
expires
Sun, 13 Nov 2022 22:35:16 GMT
fpc
at.teads.tv/ 		56 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.30.145 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-30-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
87c3a197a48c22c41d42c060f2fdaeb239858f90a3bda093235c63952c367912

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:16 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
56
Expires
Sun, 13 Nov 2022 22:35:16 GMT
ajaxjs.php
simcast.com/widgets/ms/ 		4 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simcast.com/widgets/ms/ajaxjs.php?fra=0&p=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.244.12 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-45-79-244-12.atlanta.nodebalancer.linode.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
gzip
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
upgrade
h2
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
connection
Upgrade
content-length
24
expires
Thu, 19 Nov 1981 08:52:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/ 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e83fa5597761d271429ccc2db223e5a3f5eae0f0c6d7009dba83a5d9e667608d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119490
x-xss-protection
0
server
cafe
etag
16174728228467376541
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Nov 2022 22:35:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/ Frame 0957 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
13085
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 18:57:11 GMT
etag
10353107486223812946
expires
Sun, 27 Nov 2022 18:57:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://simcast.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		818 B
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
400f85ef29a724123d5e8905fd73cb62a12be70011f5236985d4bb46fd5bcd2c

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:16 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
X-Prebid
pbs-go/0.232.0
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2606:ae80:1451:21::500 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:16 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
hbjson
grid.bidswitch.net/ 		24 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2d9e1f06819ebe1cca881b1570d162835a602346ca2a6b7538f7fd5cacb1a91c

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 13 Nov 2022 22:35:16 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=754850&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2273ab04cd0625cbb%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Ftryyourfirst.icu%2F%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22domain%22%3A%22simcast.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22simcast.com%22%7D%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%227.18.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fsimcast.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22adunitcode%22%3A%22867308da-aec8-4c84-a76c-514ce1fe7ae4%22%2C%22divId%22%3A%22867308da-aec8-4c84-a76c-514ce1fe7ae4%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2274ebe4a6f7e26ce%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22754850%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_970v_1%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_970v_1%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22789ad1ecc3045f2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22755348%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_2%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_300v_2%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2282205fdaf767083%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22755347%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_300v_1%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_300v_1%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2284f71327f38f70a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22755349%22%2C%22fl%22%3A%22p%22%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%2C%22gpid%22%3A%22%2F22181265%2Fsmc_sticky_footer%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1404%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%221941fa6e-2dac-4842-a131-7dc4a1cf6cd3%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cab1d8cb363d396a33cac39395f6a288691c66a4b670af3e09dd65a3e74338a

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrpXWNF2M3T7dRB2WMVYcEcntEnHt3aiZUpW1wWlh14PwacW%2B%2B52eWbMBn70Sw6is7WEPLq0eyPVLVX61Aj0R%2BmbfQz7n46DGa8feiKYqKjFg44bsLGSuxq7Ct13wH56CClDSHHW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
769afac21cf8e12b-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pb
ad.360yield.com/ 		0
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.31.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-31-254.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sun, 13 Nov 2022 22:35:16 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bidRequest
in-appadvertising.com/api/ 		55 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-appadvertising.com/api/bidRequest?bidId=91ef67ac309ce9e&pubId=30557&sectionId=10399&vers=7.18.0&url=https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0&sizes=728x90&tr_wd=0&tr_hd=0&tr_vs=visible
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
7e.6d.3fa9.ip4.static.sl-reverse.com
Software
nginx/1.16.1 /
Resource Hash
7ffcbd4cd826103fd240b1eab533b0704c569ca77ebcc28225181e572cd9218d

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:16 GMT
Content-Encoding
gzip
Server
nginx/1.16.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,OPTIONS,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://simcast.com
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Cache-control
no-cache
Access-Control-Allow-Headers
Content-Type, Content-Length, X-Requested-With
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:16 GMT
AN-X-Request-Uuid
2dd5bb62-ed5f-48a0-a47f-d7057c9e744a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://simcast.com
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sun, 13 Nov 2022 22:35:15 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://simcast.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
cdb
bidder.criteo.com/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.18.0&cb=80899569852&lsavail=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Nov 2022 22:35:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
prebid.media.net/rtb/ 		28 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
28d8310ca41ef987e2c3197fb4abfbc2133f98b3429816e7984e5544c116e5f6

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
694cd8004fd5b1376add7433a4040612c39b7e6b761f0cf5f3dacda5723bf1d9

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
782a61e1a386882a45f13e8b9df33bc38814cabc29ae84e5060fc76170150065

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6246cca06aa1dc013495510fd040ebb520ba03f06f0f7465b7541555211a71f5

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7bc865d4888297484b184aa35555184abea6ef96a77f82f2e55144f140104be8

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4a50a06438c16ac8d3ad656b951ecf98c85d5c011b07470955cb48183bd1ca53

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
fb4c5ff4f54c6b47da6d9a932a893d4b39b6b2b7f9c66d0192ce3b9e8b6a8b33

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5ba24eaa5b26a1e035d150eaea532508bfb4ace4e7887c3c4807f130d60fbe2f

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ee2407419a39139d1fead2c9dcc35575f2ac43f7ff9c39734581c7f798ccc09d

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9d462d0ecc3b73f5f913f52596f4c62d09828662ace2b1d8899a84f502840153

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
79f758d6b93f3763160577e6f3cd56c040a266c4c093a81d9c4b9502f1f16a5a

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ecddff71efbd9fc40b0c228c1e9821ef43fca86157672d0918e37d15b22885b8

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8c25c5a2481b2fbe4295483d3d606ee84c263ee86d83cce98bffe012104926f9

Request headers

Referer
https://simcast.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
content-length
66
v1
btlr.sharethrough.com/universal/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.169.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-169-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Sun, 13 Nov 2022 22:35:16 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.169.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-169-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Sun, 13 Nov 2022 22:35:16 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.169.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-169-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Sun, 13 Nov 2022 22:35:16 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.169.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-169-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Sun, 13 Nov 2022 22:35:16 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.169.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-169-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Sun, 13 Nov 2022 22:35:16 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.169.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-169-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Sun, 13 Nov 2022 22:35:16 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.169.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-169-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Sun, 13 Nov 2022 22:35:16 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.169.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-169-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://simcast.com
Date
Sun, 13 Nov 2022 22:35:16 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
bid
s.seedtag.com/c/hb/ 		79 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
85fde9e161a1a5f0d3b373e1716be8d33a862045a5be27b66be824494697c7f2

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
gzip
via
1.1 google
server
nginx
etag
W/"4f-vbv1/oZyyq1adyD24T6f7ANYYpw"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ghb.adtelligent.com/v2/auction/ 		8 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4359f448202c4bf23b8413a186a05e29b541fe067639120ffb2ca9bd76a327d5

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 13 Nov 2022 22:35:15 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://simcast.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1007
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205158314-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 13 Nov 2022 22:34:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
18
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 14 Nov 2022 00:34:58 GMT
cookie.js
partner.googleadservices.com/gampad/ 		389 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=simcast.com&callback=_gfp_s_&client=ca-pub-9565037823771164&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f0417a415192f2b8e1d87330dc1137dfa03f4b9f70cfcfa2890cdba3b0a4e71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&tn=DIV&cls=gdpr-block&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&tn=DIV&cls=menutop%20clearfix&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D9AE 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9565037823771164&output=html&adk=1272721408&adf=3838797007&lmt=1668378916&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668378916034&bpp=3&bdt=484&idt=196&shv=r20221109&mjsv=m202211080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1803849476203&frm=20&pv=2&ga_vid=396667311.1668378916&ga_sid=1668378916&ga_hid=1666953408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44770881%2C44774292%2C21066431%2C44777924&oid=2&pvsid=113185230850889&tmod=1006125930&uas=0&nvt=1&ref=http%3A%2F%2Ftryyourfirst.icu%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=214
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 22:35:16 GMT
expires
Sun, 13 Nov 2022 22:35:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 13 Nov 2022 22:25:34 GMT
server
cloudflare
age
461
etag
W/"904cd3-9a4f-5ed6199fb8b18"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
769afac38c1a8108-ORD
expires
Mon, 14 Nov 2022 02:35:16 GMT
css
fonts.googleapis.com/ 		3 KB
704 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Nov 2022 21:23:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Nov 2022 22:35:16 GMT
icon
fonts.googleapis.com/ 		569 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Nov 2022 22:35:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Nov 2022 22:35:16 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
971677
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36uW0vaW04%2F4GmEsVlDgL0AwkPlXrkj9Qvy%2Fnj671HkgkbTSKv5NSwYaek%2BqLk3n75eO7YMY3UGzspHb%2Bl6gGIyVZwuHXkwb7earfEAZsBZZwhz4j71g%2B9GlCwrCNAt3pCyhOcUBpz97R%2BjaM6ekPNWd"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
769afac37fcfe1de-ORD
expires
Fri, 03 Nov 2023 22:35:16 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 4DC8 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
197248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubBEObjTWjWyD1gGRS0dkDmOVcTxaLi%2B1xgPxYxNqwLx54xcJ2EuKXG%2BW8EeAx7buXkxdFW0GWztWDyvKuQWB3JZZDxX8meWgJNOEM8zJmI7SP6lx7IFX2bP1KL%2Bzvpg0SmGjPHi98XygYOAj%2B01rcrl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
769afac37fcde1de-ORD
expires
Fri, 03 Nov 2023 22:35:16 GMT
prebid.js
d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/ Frame 4DC8 		334 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:17 GMT
content-encoding
gzip
via
1.1 8f060aa38a518e1d4516e68318e81658.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 23:36:58 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
etag
W/"1c7777ec3f15f66750ea282b9545a85d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
3LCPtIpIs1ngcVi3LwGsud6mUUhu2gd9nQjEzwtgC5FHPRWzLB8a0w==
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		103 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=84
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:4e00:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9d44c3bcf6b292c5658d4db0826cf1448c66f1a82ef89fb6f69e56d4577243c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
17OYwaRyJvVLLPbNoHZLc7uP1MRyVVTM
content-encoding
gzip
via
1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
date
Sun, 13 Nov 2022 18:33:57 GMT
last-modified
Thu, 03 Nov 2022 20:41:11 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
14480
etag
W/"9ab11bd3faed06215b8a91bbbc7774fe"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=84600
x-amz-cf-id
lAdvr1OzOXlWPDx-Rv96vtn7p2miNYuw3c7zr0W1Ir9hhOKqfWtmVA==
comScore.gt.min.js
d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/ Frame 4DC8 		335 KB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/players/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 01:41:44 GMT
via
1.1 8f060aa38a518e1d4516e68318e81658.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 23:25:25 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
75213
etag
"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
342796
x-amz-cf-id
7YJKVhW8E5Xt6hlZ1OcLYyMJdboaQKYAjj8dmPQ-4AYovEQMGJ70zg==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		370 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4c52d065f54f30b3944ed6d83d97e3eec06f305c9ecaab134ff7ee6170077c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126378
x-xss-protection
0
expires
Sun, 13 Nov 2022 22:35:16 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 17:01:31 GMT
via
1.1 8f060aa38a518e1d4516e68318e81658.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
20026
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
WEKfGQC9lPKdGeezTOYV24JKdJkGyxA7QLAz0Td_-_uFk0kwb469hA==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 00:56:59 GMT
via
1.1 8f060aa38a518e1d4516e68318e81658.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
77898
etag
"311cf2edc46e82f2a6911332b7db54e1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
19zZpbguFPL2lbRIdZ1KIqsXo96mf0hBDqlK_LHKU6smvi6uj63XDA==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 23:54:03 GMT
via
1.1 8f060aa38a518e1d4516e68318e81658.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
81674
etag
"8be584e844dabfe22970a0cb943c047e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
pPkI6Oid2J0XSayqMRY9Jd4U-FP1auRMFkt2LNZ4ePiW3qTUTzc4QA==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 15:16:07 GMT
via
1.1 8f060aa38a518e1d4516e68318e81658.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
26350
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
h2MdO0XAcoc7SkrzqA042fOYMM8mvvkT4cKX0sLBbXcDP94MtzSJhw==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=RFsQtCQSgddCEx0z&instance=970737&version=7.10.1&age=221113&cmd=PRE_INIT&key=eKVKXbhX&seq=1&order=1&absoluteTime=1336.8&relativeTime=0.1&canonical=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&EXTREF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		36 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=RFsQtCQSgddCEx0z&instance=970737&version=7.10.1&age=221113&ESG_key=eKVKXbhX&type=FULL&EXTREF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.93.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-93-42.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b91045478de9f68c16d526766a3a783d5f5e191a149da617881625883f1824da

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
content-length
7019
expires
Sun, 13 Nov 2022 22:35:17 GMT
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/ Frame 4DC8
Redirect Chain
  • https://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Server
2600:9000:210b:c200:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:34:55 GMT
content-encoding
br
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:50 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
22
x-amz-server-side-encryption
AES256
etag
W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
wrqahA46h9fdFZUFyyF-xCoNAhL4HVkzElw8QW0vikK8W_PG6Hijyw==

Redirect headers

date
Sun, 13 Nov 2022 06:51:18 GMT
via
1.1 603961b1b2dad8873023f00c2744bd6e.cloudfront.net (CloudFront), 1.1 b7ddb18a56b4bad68ca78b085e9ca450.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD66-C2, EWR52-C2
age
56638
x-cache
Hit from cloudfront
content-type
text/html
location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length
167
x-amz-cf-id
djjvQdA_GWP-zO58p8_Z3I3lPSvndHzPrijDxyNEeDdFRHfTNRVfyg==
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1666953408&t=pageview&_s=1&dl=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&dr=http%3A%2F%2Ftryyourfirst.icu%2F&ul=en-us&de=UTF-8&dt=Simcast%20News%20portal.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1709142221&gjid=1185835596&cid=396667311.1668378916&tid=UA-205158314-1&_gid=100556751.1668378916&_r=1&gtm=2oub90&z=1424956696
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity
api.rlcdn.com/api/ 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		109 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
58831c971fb91e1ca9b850996f7c3715becbe589dc041bc7f3688d4ef88a9b24

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 13 Dec 2022 22:35:16 GMT
/
id.sv.rkdms.com/identity/ 		66 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=simcast.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.126.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-126-101.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
a90207f249eab38f51b4ecd6f0d71a611b111d8fa5576205620c9b07f865a11a

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://simcast.com
date
Sun, 13 Nov 2022 22:35:16 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
66
vary
Origin
content-type
application/json
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=RFsQtCQSgddCEx0z&instance=214970737&version=7.10.1&age=221113&cmd=GET&key=eKVKXbhX&c_id=12018&seq=1&order=2&absoluteTime=1482.3&relativeTime=145.6&canonical=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&EXTREF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=GET&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=CUVK6Ohqs0&USR_ID=214970737&ST_usrKey=RFsQtCQSgddCEx0z&SM_ID=2359689&C_ID=12018&C_companyName=Adapex&version=70100010&sC_ID=6161&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.185.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-185-2.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 13 Nov 2022 22:35:16 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Sun, 13 Nov 2022 22:35:17 GMT
0.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-33.jfk50.r.cloudfront.net
Software
Apache /
Resource Hash
7717da18fff86552728b93961721cf5acb4fdd04c8e08535096af16bb206587f

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:21:26 GMT
content-encoding
gzip
via
1.1 7225c7fb64d09bab64bc17e314ef26a2.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
831
x-cache
Hit from cloudfront
content-length
1456
last-modified
Fri, 11 Nov 2022 19:27:39 GMT
server
Apache
etag
"f9a-5ed36e1fca0c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
3rx0tevdXhxhCsDKwT6oOkAtGFj9MnjVAgNaHTzcFM37kSQDXmrhPw==
expires
Sun, 13 Nov 2022 23:21:25 GMT
5o49a5dcfmsfaob71z03g7npsncxg98k.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/5o49a5dcfmsfaob71z03g7npsncxg98k.jpg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4307b4528a115b198538535904c628c6d971a3b070f23313332c4e56d0a7b74b

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 16:13:45 GMT
via
1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
age
22892
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
46616
last-modified
Sun, 13 Nov 2022 15:58:13 GMT
server
AmazonS3
etag
"cd81b601f0a507346bc4703b307b7278"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
1CZE-y6zrRgNu2swp_vWpA_yWdD6IM29luhYIUJhC5_Z9LZPyzPgbA==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=RFsQtCQSgddCEx0z&instance=214970737&version=7.10.1&age=221113&cmd=RTP&key=eKVKXbhX&c_id=12018&seq=1&order=3&absoluteTime=1503&relativeTime=166.3&sC_ID=6161&sm_id=2359689&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=RTP&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=CUVK6Ohqs0&USR_ID=214970737&ST_usrKey=RFsQtCQSgddCEx0z&SM_ID=2359689&C_ID=12018&C_companyName=Adapex&version=70100010&sC_ID=6161&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.185.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-185-2.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 13 Nov 2022 22:35:16 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Sun, 13 Nov 2022 22:35:17 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame 4DC8 		185 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9000ac6e87387641c9ef778db9586e320bf451e28815384c5e72b689876bcc90
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
strict-transport-security
max-age=15552000
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
40112399
etag
W/"551756787971b257da9f419bdc840bdf3a84e9696"
surrogate-control
max-age=63072000
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
max-age=3600
cf-ray
769afac4fea42c07-ORD
x-application-context
services-js-tag:default,prod:8089
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 15:15:04 GMT
x-content-type-options
nosniff
age
199212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16756
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:16:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 15:15:04 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 07:45:24 GMT
x-content-type-options
nosniff
age
398992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 07:45:24 GMT
bridge3.544.0_en.html
imasdk.googleapis.com/js/core/ Frame ACFA 		690 KB
221 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb396f1b070a0d39f645a4b47b5aa2c72e98f35a5903760fa90cf9fab6a659e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
90879
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226556
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 12 Nov 2022 21:20:37 GMT
expires
Sun, 12 Nov 2023 21:20:37 GMT
last-modified
Thu, 10 Nov 2022 19:42:54 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 13 Nov 2022 22:35:16 GMT
headerstats
as-sec.casalemedia.com/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwV%2BWvcU7jCcGXrwUyMGehw3Wj%2Bg%2BkgvY9lnCOQgsHI05e23xkJSBxYAqL8UcJLIFUDzvvArfoMVju35RIsTRFH17e2Zju2W%2BBgjoDiMMwGNsgs8J7omH7NPYECTpu4j4BwNh52ohRM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
769afac5bfac2d46-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
t
ds.reson8.com/v1/ Frame 4DC8 		18 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ds.reson8.com/v1/t
Requested by
Host: cdn.resonate.com
URL: https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.110 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74df6a6e6baba23c158bc44b03c0e68cd743edffbf10942864e70e1414936b48
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:16 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
cf-ray
769afac6283362fc-ORD
content-length
18
translator
hbopenbid.pubmatic.com/ Frame 4DC8 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sun, 13 Nov 2022 22:35:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ Frame 4DC8 		19 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.12.0&referrer=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&tmax=3000
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.186.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-186-45.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:16 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 4DC8 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.34.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-34-248.compute-1.amazonaws.com
Software
/
Resource Hash
c4d44d81e7d14e8f94205363f8a44c71161f78af8ade9d5db6b9d5fb6a43c9c7

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:17 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 4DC8 		19 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:16 GMT
AN-X-Request-Uuid
7c9b89bb-e5cb-46cd-b070-6d8e38b46b5e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://simcast.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame 4DC8 		0
948 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.143 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Nov 2022 22:35:17 GMT
x-spotx-timing-spotmarket-primary
0.020405
x-spotx-timing-transform
0.000301
x-spotx-timing-spotmarket
0.020405
x-spotx-timing-page-require
0.000346
x-fe
333
x-spotx-timing-page-misc
0.003000
x-spotx-timing-page-cookie
0.000044
x-spotx-timing-page
0.025140
pragma
no-cache
x-spotx-timing-page-context
0.000262
last-modified
Sun, 13 Nov 2022 22:35:17 GMT
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://simcast.com
x-spotx-timing-page-exception
0.000001
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
x-spotx-timing-page-uri
0.000013
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-mux
0.000768
access-control-allow-headers
expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 4DC8 		37 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2211bab6ad0d22894%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22page%22%3A%22https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0%22%2C%22keywords%22%3A%22search%2Cnews%2Cautomotive%2Cbeauty%2Ceducation%2Cevents%2Cfashion%2Cfinance%2Cgames%2Chealth%2Chome%2Cinsurance%2Clegal%2Cpets%2Cproperty%2Cshopping%2Csports%2Ctechnology%2Ctransport%2Ctravel%2Cutilties%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212704531c00abda%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A761%2C%22h%22%3A428%2C%22sizes%22%3A%5B%5B761%2C428%5D%5D%2C%22playerSize%22%3A%5B%5B761%2C428%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22stnvideo.com%22%2C%22sid%22%3A%22VRAfdwVZOg7jMyH8bxgoOA%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24409cefca23792074814d8e770cbb15affc091d790408bd8d65c62c1cfb2fe2

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hNnOxo%2BNX5EgsgRPceK5zcIEaeaFqFZLMS6kT5farHd4j%2FjMSc003L7sR2uvmoeACHf58Q49emzMCsWt4MdukXeKnmIMiSi%2F5wj%2BmA9yX%2F%2F01dOElRsWowns1o%2FuCFtFOck8Q8b"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://simcast.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
769afac629eb29f1-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4DC8 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-144-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 20:40:17 GMT
x-amz-version-id
73Lfxs6DHpOgTaZAZUymb39ifEt2PRR2
content-encoding
gzip
via
1.1 0d3bc0372b2119705524079214a98b3e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
age
6900
x-cache
Hit from cloudfront
last-modified
Tue, 08 Nov 2022 20:12:15 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
JbdHUM_U7-ETlfEmxTgVPEf6z3_oJePGwihyaMm1Klteb526tCXMsw==
config
c.amazon-adsystem.com/cdn/prod/ Frame 4DC8 		248 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsimcast.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-144-76.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 19:35:06 GMT
via
1.1 b7ddb18a56b4bad68ca78b085e9ca450.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
age
10809
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
248
x-amz-cf-id
RtU2DSZKUy_nFZnCGh97Fx5JLwZh9XzRx64vhfg3k5VnwkL2ZW7DAQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 4DC8 		23 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&pr=http%3A%2F%2Ftryyourfirst.icu%2F&pid=IDFyzqxA7wm3Q&cb=0&ws=300x150&v=22.1107.1609&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!stnvideo.com%2CVRAfdwVZOg7jMyH8bxgoOA%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.50.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-50-211.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:16 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 11addd18912b8ffba16fde7055a9ca56.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
KE34VPAX1A363WE2ACAR
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
zVyN9IfSaW0KnRGSWdoz4uQE1eSC_4fseHO62g3aN27crp3nkbZVEg==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 4DC8 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tryyourfirst.icu
URL: http://tryyourfirst.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.59.24 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-59-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:17 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Sun, 13 Nov 2022 22:50:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a60936eaa4ebcbf19e2d53708ae96fc046dcf95fe11bff45442d4c28c99a4735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11171
x-xss-protection
0
2290870351714121637114485e8959.45261688playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		305 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/2290870351714121637114485e8959.45261688playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ca0f43a01af45fdbc0cbf9e0cb03ee53215309999d1b3dab0975a95fcc157a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 16:13:52 GMT
via
1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
age
22886
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
305
last-modified
Sun, 13 Nov 2022 16:01:35 GMT
server
AmazonS3
etag
"e9893b81380f3ac5419f03b310a6ded5"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
7lq9I1V8bVOjqwCxVPuhseK0QDrwzIIuGLMAMbOHdn_UzjuaMlFf5w==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=RFsQtCQSgddCEx0z&instance=214970737&version=7.10.1&age=221113&cmd=IMA&key=eKVKXbhX&c_id=12018&seq=1&order=4&absoluteTime=2057.4&relativeTime=720.7&EXTREF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&playerCfg=FL&recoveryMethod=SSAI&imaVersion=3.544.0&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:17 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=RFsQtCQSgddCEx0z&instance=214970737&version=7.10.1&age=221113&ldt=BIDS&key=eKVKXbhX&c_id=12018&seq=1&order=5&absoluteTime=2058.1&relativeTime=721.4&sm_id=2359689&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=6161&load=1&status=LVFNLNIY&ac_id=2008&prebid.cid=0&prebid.bidders.pubmatic.time=210.9&prebid.bidders.triplelift.time=205.5&prebid.bidders.rubicon.time=273.9&prebid.bidders.appnexus.time=56.7&prebid.bidders.spotx.time=303.2&prebid.bidders.ix.time=118.4&prebid.start=1717.3&prebid.time=314.1&prebid.timeout=3000
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:17 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
2290870351714121637114485e8959.45261688base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 		3 KB
3 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/2290870351714121637114485e8959.45261688base.en.vtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bae58ed68eae068bb7f7ab5fe9f8b1c48e81c60252cf0a650ceec7a9da670ca8

Request headers

Referer
https://simcast.com/
Origin
https://simcast.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 16:13:52 GMT
via
1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
age
22886
x-cache
Hit from cloudfront
content-length
2831
last-modified
Sun, 13 Nov 2022 16:00:54 GMT
server
AmazonS3
etag
"bba3be643337248a85575466bd8f4e7e"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
HY7_UnVVlRBia-a7zbnuArvYw82RnVfMgLrXHGytkeesY0gaZr8gqg==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Nov 2022 22:35:17 GMT
2290870351714121637114485e8959.45261688.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		1 KB
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/2290870351714121637114485e8959.45261688.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48703f5acd90ec561cadb6f48d9b9f54e5643b284598a18847d3d331184f826d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 16:13:52 GMT
content-encoding
gzip
via
1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
age
22886
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Sun, 13 Nov 2022 16:01:35 GMT
server
AmazonS3
etag
W/"39f60bc09339d14603ff4c729283dbe4"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
buVBb3FhaQRB-fjkV03e2Q-ObOGWS2hrWUCNJpFHEIrqN4dCUo_QWg==
2290870351714121637114485e8959.45261688-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		452 KB
453 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/2290870351714121637114485e8959.45261688-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d50c59d665d1d719befb5b79d53c5dbf44613fe0aca3f37667b5cd69a523cc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 16:14:20 GMT
via
1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
age
22858
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
463044
last-modified
Sun, 13 Nov 2022 16:00:42 GMT
server
AmazonS3
etag
"8be25f7a0d42a312f7be3a3a9390e7ca"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
KWGqc3-0N5N6exo_mJ_PXMklvX4ztLEOvXLi86mmvoMmLFN-oC7Vuw==
ads
pubads.g.doubleclick.net/gampad/ Frame ACFA 		36 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C22632072816%2Fsimcast.com-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2460952&vid=2359689&us_privacy=false&cust_params=sessionKey%3D214970737-RFsQtCQSgddCEx0z%26schain%3Dstnvideo.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D6161%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.10.1%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00073%26rand%3D6%26iris_id%3Diris_7dca673c1571890e%26iris_context%3Dic_6174988%2Cic_2291553%2Cic_2416407%2Cic_7753435%2Cic_2407074%2Cic_8328276%2Cic_5043113%2Cic_3890383%2Cic_8555203%2Cic_7257346%2Cic_4293168%2Cic_5081694%2Cic_8050831%2Cic_3914383%2Cic_1650667%2Cic_7767399%2Cic_1994909%2Cic_2603269%2Cic_3142135%2Cic_6602298%2Cic_0105657%2Cic_2498081%2Cic_3547359%2Cic_6288001%2Cic_2371949%2Cic_6452866%2Cic_0981560%2Cic_5140707%2Cic_4868828%2Cic_4700553%2Cic_4333712%2Cic_2434802%2Cic_0504887%2Cic_2483904%2Cic_3496293%2Cic_3126790%2Cic_1709068%2Cic_3885449%2Cic_8401545%2Cic_0854364%2Cic_2897216%2Cic_3496718%2Cic_0899282%2Cic_9954675%2Cic_3393155%2Cic_9677800%2Cic_1655055%2Cic_2540565%26us_privacy%3Dfalse&sdkv=h.3.544.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&sdki=445&ptt=20&adk=2458199627&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.544.0&sid=66F0AD2B-9BF2-4015-89D8-01C88FE96AA8&nel=0&eid=44748969%2C44765701&ref=http%3A%2F%2Ftryyourfirst.icu%2F&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&dlt=1668378915550&idt=1415&dt=1668378917257&cookie=ID%3D4a28ec0a61629106-2256615732d80082%3AT%3D1668378916%3ART%3D1668378916%3AS%3DALNI_Mb9IRE_FhMstCNUbNL1kmrIyG6mSA&gpic=UID%3D000008a90221b371%3AT%3D1668378916%3ART%3D1668378916%3AS%3DALNI_Mb41NV72n-Lp_2a1HpQKHvxZWr2UA&correlator=1724389896168923&scor=3503303912518180&ged=ve4_td1_tt0_pd1_la1000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f2ba3d835547860025276010df2fc6ff4543c32d90ac7486572eeea8ab08013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1787
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0F67 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
98835
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 12 Nov 2022 19:08:02 GMT
expires
Sun, 12 Nov 2023 19:08:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 233D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c6ae5f8b98ce1e3d1bebfbcafa09505150fed31556d4afd9aa25ce07062a1449
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-reL16VFKNyJzrQLkCRvHRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-reL16VFKNyJzrQLkCRvHRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 22:35:17 GMT
expires
Sun, 13 Nov 2022 22:35:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
2649aada-e6f8-4fd3-8812-e1931ff0659c
https://simcast.com/ 		93 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://simcast.com/2649aada-e6f8-4fd3-8812-e1931ff0659c
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16fb2a576203586c2b8134ec9c5372c9c0641ea10cd3f14716a6f1118a417d06

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length
94924
Content-Type
text/javascript
2290870351714121637114485e8959.45261688.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		1 KB
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/2290870351714121637114485e8959.45261688.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
678bb4ac2923f085af3b092b10a91b37b92d991d415a0662485fd715c8677887

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 16:14:21 GMT
content-encoding
gzip
via
1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
age
22857
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Sun, 13 Nov 2022 16:01:35 GMT
server
AmazonS3
etag
W/"fcfcfb9ffe2b87ae9ec1f207db350064"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
w1E4aIvxhclMiX_kBieYdoOxE3J6K0c6lRP3hX6Y63i5fHj-pCfEvQ==
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 0F67 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 19:08:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Nov 2023 19:08:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 233D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221109&jk=113185230850889&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=RFsQtCQSgddCEx0z&instance=214970737&version=7.10.1&age=221113&cmd=INV&key=eKVKXbhX&c_id=12018&seq=1&order=6&absoluteTime=2432.8&relativeTime=1096.1&alt=0&sC_ID=6161&sm_id=2359689&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&playerCfg=FL
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:17 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_stn_l.php
timber.sendtonews.com/timber/ 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://timber.sendtonews.com/timber/data_stn_l.php?CMD=INV&ESG_key=eKVKXbhX&ES_key=eKVKXbhX&ES_ID=30800&S_RKEY=CUVK6Ohqs0&USR_ID=214970737&ST_usrKey=RFsQtCQSgddCEx0z&SM_ID=2359689&C_ID=12018&C_companyName=Adapex&version=70100010&sC_ID=6161&AC_ID=2008&TYPE=FLOAT&EXTREF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&REF=https://simcast.com/?d=tryyourfirst.icu%26pcid=802%26rid=152%26a=0&PLAYERWIDTH=761.125&PLAYERCODE=LVFNLN&OGSET=1&REFONLY=1&STRIPQUERY=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.185.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-185-2.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 13 Nov 2022 22:35:17 GMT
cache-control
max-age=1
content-type
text/html; charset=UTF-8
server
Apache
content-length
0
expires
Sun, 13 Nov 2022 22:35:18 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame ACFA 		129 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fsimcast.com-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214970737-RFsQtCQSgddCEx0z%26schain%3Dstnvideo.com%2CVRAfdwVZOg7jMyH8bxgoOA%26content%3D6161%26placementType%3DPremium%26embed%3DeKVKXbhX%26domain%3Dsimcast.com%26player_size%3Dlarge%26player_width%3D761%26player_height%3D428%26player_type%3Dfloat%26version%3D7.10.1%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00073%26rand%3D6%26iris_id%3Diris_7dca673c1571890e%26iris_context%3Dic_6174988%2Cic_2291553%2Cic_2416407%2Cic_7753435%2Cic_2407074%2Cic_8328276%2Cic_5043113%2Cic_3890383%2Cic_8555203%2Cic_7257346%2Cic_4293168%2Cic_5081694%2Cic_8050831%2Cic_3914383%2Cic_1650667%2Cic_7767399%2Cic_1994909%2Cic_2603269%2Cic_3142135%2Cic_6602298%2Cic_0105657%2Cic_2498081%2Cic_3547359%2Cic_6288001%2Cic_2371949%2Cic_6452866%2Cic_0981560%2Cic_5140707%2Cic_4868828%2Cic_4700553%2Cic_4333712%2Cic_2434802%2Cic_0504887%2Cic_2483904%2Cic_3496293%2Cic_3126790%2Cic_1709068%2Cic_3885449%2Cic_8401545%2Cic_0854364%2Cic_2897216%2Cic_3496718%2Cic_0899282%2Cic_9954675%2Cic_3393155%2Cic_9677800%2Cic_1655055%2Cic_2540565%26us_privacy%3Dfalse&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1263268&sid=66F0AD2B-9BF2-4015-89D8-01C88FE96AA8&adk=2458199627&correlator=1724389896168923&ctv=0&dlt=1668378915550&dt=1668378917493&ged=ve4_td1_tt0_pd1_la1000_er313.20.468.320_vi0.0.1200.1600_vp100_ts0_eb24171&idt=1415&is_amp=0&omid_p=Google1%2Fh.3.544.0&osd=2&ptt=20&ref=http%3A%2F%2Ftryyourfirst.icu%2F&scor=3503303912518180&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=false&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&cmsid=2460952&mpt=stnvideo%2Fplayer&sdki=445&sdkv=h.3.544.0&sdr=1&vconp=2&video_doc_id=2359689&vpa=auto&vpmute=1&nel=0&cnc=22632072816&kfa=0&tfcd=0&top=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&loc=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&cookie=ID%3D4a28ec0a61629106-2256615732d80082%3AT%3D1668378916%3ART%3D1668378916%3AS%3DALNI_Mb9IRE_FhMstCNUbNL1kmrIyG6mSA&gpic=UID%3D000008a90221b371%3AT%3D1668378916%3ART%3D1668378916%3AS%3DALNI_Mb41NV72n-Lp_2a1HpQKHvxZWr2UA
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f40fdab22a78db476332a66073091e32da65fd4d4445e111c18a03eb8e9ba44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17578
x-xss-protection
0
google-lineitem-id
6069764760,6071328439,6051429593
pragma
no-cache
server
cafe
google-creative-id
22080372926,22080372926,22080372926
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 0F67 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?GO4mvA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=simcast.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		136 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=113185230850889&correlator=3661543575300374&eid=31070836%2C31070117&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fifs&iu_parts=22181265%3A22632072816%2Csmc_970v_1%2Csmc_300v_2%2Csmc_300v_1%2Csmc_sticky_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x90%7C728x90%7C728x250%7C970x250%2C300x250%7C300x100%7C320x100%7C336x280%2C300x250%7C300x100%2C728x90&ifi=2&adks=2978211836%2C3984934612%2C3545206658%2C3390712034&sfv=1-0-39&prev_scp=refresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.01%26hb_adid%3D15645292566edb3d%26hb_bidder%3Dmedianet%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26hb_bd%3D0%26anh%3Dadhesion&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dfr%26gpt_l%3D400%26wrap_l%3D700%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D300%26padpr%3D20%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D300%26waae%3D1600%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=1&cookie=ID%3D4a28ec0a61629106-2256615732d80082%3AT%3D1668378916%3ART%3D1668378916%3AS%3DALNI_Mb9IRE_FhMstCNUbNL1kmrIyG6mSA&gpic=UID%3D000008a90221b371%3AT%3D1668378916%3ART%3D1668378916%3AS%3DALNI_Mb41NV72n-Lp_2a1HpQKHvxZWr2UA&abxe=1&dt=1668378917697&lmt=1668378917&dlt=1668378915550&idt=582&adxs=315%2C791%2C1230%2C0&adys=193%2C1055%2C288%2C1909&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&ref=http%3A%2F%2Ftryyourfirst.icu%2F&frm=20&vis=1&psz=1600x0%7C417x0%7C339x0%7C1600x1839&msz=1600x0%7C417x0%7C339x0%7C728x0&fws=0%2C0%2C0%2C128&ohw=0%2C0%2C0%2C0&ga_vid=396667311.1668378916&ga_sid=1668378916&ga_hid=1666953408&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42972797696a625c589cf32eea7f49b1b290b9c853575b07526292f2368455b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
303412,303412
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29012
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
461185
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simcast.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame F9D0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 22:35:17 GMT
expires
Mon, 13 Nov 2023 22:35:17 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
insight.adsrvr.org/enduser/vast/ Frame ACFA 		42 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/enduser/vast/?t=1&iid=2e9f07bb-6aca-4df9-83b7-bc09b4d18a30&crid=2zxxzb3e&wp=Y3FxJQAJ-isITwSsAArA_6dESMxvBYu3Q9W4kw&aid=1&wpc=USD&sfe=15a8f125&puid=CAESEF9SahGOUQ7Rj3FmOPjxApw&tdid=&pid=7e23la0&ag=xejceum&adv=28pqcab&sig=1uzCv3vaAt3TuCQCjfvIpYTugqaYflWlyAgcMtCJ8nGk.&bp=18&cf=3592660&fq=0&td_s=simcast.com&rcats=&mste=&mfld=2&mssi=&mfsi=&uhow=&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=pub-9505823743978337&did=2147221&rcxt=Other&lat=&lon=&tmpc=&daid=&vp=0&osi=&osv=&bv=1&vvp=&mk=Google&mdl=Chrome%20-%20Windows&testid=mkts-4636-disabled&vpb=PreRoll&dc=95&vcc=EB4Y5wcyBAgCCAlAAUgBUASgAY4GqAG4A8gBAdABA-gBAvABAfgBAYACA4oCDAgCCAMIBQgGCAcICJoCAggCoAICqAICwAIC&sv=google&pidi=1404&advi=249857&cmpi=2478631&agi=12454924&cridi=24705539&svi=1&tid=1&cmp=3u579qr&vrtd=14,15&srca=1&rurl=https%3a%2f%2fsimcast.com%2f&tsig=rMsqAtHX-2egn3DgDZ9ROm0ZFMWrp4a-cd2j2WCVW-4.&c=MAQ4AkgAUARYAYABAIgBApABALABALoBBQi0ARgCyQEzMzMzM7NBQA..&dur=CkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..&durs=bua7fp&crrelr=&said=FXmf02SyNYzrSrEpd8IOvA%3D%3D&auct=3&cxdur=0-15&cxlvs=0&im=1&tail=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
5b1eb7e744f1085c2b23d20adc951156e403a5463869858ec292c796de35e78d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:17 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 14 Nov 2022 22:35:18 GMT
csi
csi.gstatic.com/ Frame ACFA 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lafxqb87&c=1803849476203&slotId=901924738101.5&qqid=CJ-h8eWbrPsCFawETwgd_8AKWA&gqid=JXFxY8CTJZnjxtYPmYmYoAE&fb=ima_html5-lima&sdkv=h.3.544.0&ppt=stnvideo%2Fplayer&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=3.0&wta=1&ghmsh_eids=44748969%2C44765701&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x77&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4009:81f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame ACFA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=ChSBdJXFxY6v0J6yJvPIP_4GrwAW7z9r0XO6Jjs5SwI23ARABIABgybajiPCj7BKCAR1jYS12aWRlby1wdWItOTUwNTgyMzc0Mzk3ODMzN8gBBeACAKgDAZgEAKoEgwJP0NIIBYkw3a04QZB2uF1Cmcf-8TcB0_5Z2znD_74O0W8UWWVZ-Rry58aVI65TWuUSAilKUqufx6-cHizaMgosk_lXwPyXCNR7dGG57AyJLFSg1GR_0fYMxU7xOTfXlv5jOfJuHQXCItfnnyElhP1srzuaR62ecECa9uipjpMgdMrSOg-7lRftJFm5Zol0rm8ri8tZqDL6mTyriUSIqFdRJNkBJvht0OGE01PLHxr7BRdDAqXbHpYAnnkH8e27RogoFHq5wp0QFN4LL2UtXw8sl3_lgNlr2xbJDl4a8RVRXO1HH7JX-AWrQbgcGeqAnKpHJppjtXrwavMPdCq6G02T4lrQ4AQBgAbRw6HYx6i-rqwBoAYqqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAPIHAiAB0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB&sigh=ZE_9QvdXsiE&label=video_ad_loaded&sdkv=h.3.544.0&vci=[CREATIVE_PLAYBACK]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame ACFA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B79lEJXFxY9_6JayJvPIP_4GrwAXUvPyhRgAAABABING9tz04AVi5v4HKgwRgybajiPCj7BKyAQtzaW1jYXN0LmNvbboBCzQ4MHgyNzBfeG1syAEF2gE8aHR0cHM6Ly9zaW1jYXN0LmNvbS8_ZD10cnl5b3VyZmlyc3QuaWN1JnBjaWQ9ODAyJnJpZD0xNTImYT0wmALQjAHAAgLgAgDqAh0vOTIwNTYyODEvc2ltY2FzdC5jb20tcHJlbWl1bfgC8tEekAPoApgD0AWoAwHgBAHSBQYQmIWlzhaQBgGgBjuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAeAHAfIHAiAB0ggPCIBhEAEYHTICigI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=bT32gft19ic&label=video_ad_loaded&acvw=[VIEWABILITY]&gv=[GOOGLE_VIEWABILITY]&sdkv=h.3.544.0&vci=[CREATIVE_PLAYBACK]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame ACFA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=ChSBdJXFxY6v0J6yJvPIP_4GrwAW7z9r0XO6Jjs5SwI23ARABIABgybajiPCj7BKCAR1jYS12aWRlby1wdWItOTUwNTgyMzc0Mzk3ODMzN8gBBeACAKgDAZgEAKoEgwJP0NIIBYkw3a04QZB2uF1Cmcf-8TcB0_5Z2znD_74O0W8UWWVZ-Rry58aVI65TWuUSAilKUqufx6-cHizaMgosk_lXwPyXCNR7dGG57AyJLFSg1GR_0fYMxU7xOTfXlv5jOfJuHQXCItfnnyElhP1srzuaR62ecECa9uipjpMgdMrSOg-7lRftJFm5Zol0rm8ri8tZqDL6mTyriUSIqFdRJNkBJvht0OGE01PLHxr7BRdDAqXbHpYAnnkH8e27RogoFHq5wp0QFN4LL2UtXw8sl3_lgNlr2xbJDl4a8RVRXO1HH7JX-AWrQbgcGeqAnKpHJppjtXrwavMPdCq6G02T4lrQ4AQBgAbRw6HYx6i-rqwBoAYqqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAPIHAiAB0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB&sigh=ZE_9QvdXsiE&label=show_ad&sdkv=h.3.544.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MDY5NzY0NzYwQMwDCl4IARISaW5zaWdodC5hZHNydnIub3JnGg5UaGUgVHJhZGUgRGVzayADKggyenh4emIzZTIIMnp4eHpiM2VAhwFSHSUAAHBBKAE6B3Vua25vd25CB3Vua25vd25QAGABGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ACFA 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFNkZBgi71hlH3_Vd2z4M6nOUPWK-91YdFc2LmKCUBiEuNapEJhQdncMlyZbEPlTyVOd8PyWzoBw9CO0UkGlJb20dNNeUdngemToVyTHWchgcUyU-AVTodGH812i1gfg6Ek_Q-wYfSU57S-xaug4DK-Ul98HV01xBGLO3MoPAP3HNdnbUIYeLLlm38Xh3C8XGbvqFyFvJbRbpZqdoze3S94VgwR_ZQHAFhP5BXyrpH1I970RX6JDIo-oZBts5MRM6DuCWC5z_tUKjovL6-a8UAJfTsoRIqRj94UT-URkVx_LqPcZ61TOaG0hvu_yvBE6cSI4UesFWTE-ze0bVrGMDDobquUFdHSjUNl3vANp_lcplW6SiUpHMJK4OrCU7hF2EI87z8zQE5Tiovt0Fs43JMwLz7FLzWcsyhuL521HwhVpfTKIUf-7WQoGXOC3kkQz1JQ0EnJZnRQBf2RP-jopNIj5pkZJgkIsjAcQQe_BvrhTtpYFlGskczcArNBgctEG-TG6V7CsP4I7TVy9LgxISuMzzCEQVdPw9cfOHWzd3W6vLKrSBkCIF-4w0mtcwCV0pjlacPe1XGlhM3KwDlJOF_HCz3GvNUKMqOWC-SucSJ8vwnzSm7-1PYM_gkj5FZr3zOvVoMKbdu2VkZ_aVDdCWxtzd1x8uGrooiQvIY2oqMRnZaHN914y_O15Z1i0A44odO2swHQNfb-U59NWrC4ygW8ccMyJSkfGfWVeNcM4xjVRGhtJijZwpCYjmeVpTPmiLnirgwKKZ0vFpvCDLWLkuupSlHxu8vXHb--H22FJJOw3uW5DTpRilbO96yRDVUh6WBtb1QufCL4RcVmL43i0v6WgxGoplNpd2y6ARgVrA6ksk99VIgKXvS4lBR-P3S6YXmuQA_J_hIA1geB05pTLOxNnsc6qUoapAp3fFVnDBO8vdHo-ZEnj-6JD-L1OiTgH-lrv1qveTQIK8Adbg6RY6Ij2lPgw2_mPsjNoNlrQpbaOjN03CUNSvjYXmHn_xfbAkCyEHD7KqJVtYmDnhYAgOQZkh7ml35zMFdodICJOb1OIj_HnxtSnfdhR1EAtNatQFljX_v4OnzfTshy0U5iJckREICvnaqNYMu_O391YIZC1E4bUCMCgWE_Ry38AcaM0AQrPAc-p0IWvDKlgZIpoh1zGgLNUq7NL-u5bZ_SNVbiJbKVp1dRkHiymreK_crfxb_xi7R-urmVgcaFooM5C0Jpe1BYRX7x3-jCNNsYC1BH0MiaAwUZGSnuqNS353aufk&sai=AMfl-YQNTXuVpvsK1ohsgssLpCIVWKpa3dVK4tjShrwqUR8u9k-ynmoQ9X8RiQZeae1vuoU_7fKFxqy-6EYLvlGLKXenvcM9CUXVPq-UFJCF5EXkawswWOeQlHoovYlvG5Vx4RrZjzP6Wd3B78wo6S765SxyNPiJIijV01jy9oZk0KeF-30X-Yy0JaZpyCeNTBg4qmplo6PQ3WvsSCEuUEUQMWpDbxF79cSHFIyehectDmiONwimrpiv7zhcBRXOWajlheInMU-nA4lZ4N4kl601T0UmUQW-TfyS&sig=Cg0ArKJSzCkm5ELlWUtoEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&sdkv=h.3.544.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MDY5NzY0NzYwQMwDCl4IARISaW5zaWdodC5hZHNydnIub3JnGg5UaGUgVHJhZGUgRGVzayADKggyenh4emIzZTIIMnp4eHpiM2VAhwFSHSUAAHBBKAE6B3Vua25vd25CB3Vua25vd25QAGABGAE.&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 13 Nov 2022 22:35:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
get
choices.trustarc.com/ Frame ACFA 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tl.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-67.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Oct 2022 07:58:08 GMT
via
1.1 23a7db9b99ad0ff99aeef1ab5f27e734.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
JFK50-P1
age
1262230
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
aobRuiL882mx2Wc4Ey1VHcQd4zfj2d-nLfTZU3Mo80ytKyzyalGOnA==
expires
Tue, 29 Nov 2022 07:58:08 GMT
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 7CD3 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47e4e1c834f2e155571dce296374dd00458ad7c8a72af3b69e08f35f4c81fdb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18683
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 19:46:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Sun, 13 Nov 2022 22:41:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221109&jk=113185230850889&bg=!6-il6KzNAAbvMpMzzzI7ACkAdvg8WsRx4fF_aoZn3JL6tqpTqkZN3v4xaRY-S1vtebZJMzr1e5pxvQIAAABbUgAAAAJoAQeZApYSwwc15m8lGChMMKPOlK_7QQrHAYV3UzXBMtg-eZUPOdl89fbxV3oyiKwEZ9uX-QS5gADblFFCEFj-SBDQN6TfMer4q7iVkzizNoPRPRN9lnk8B0SQbfzy8fpkL6zqqTNboIfYkoecW7t5g1g-jDmr0hgcJWQ7_TiXTnmfLEKrliTlRK4j0Z5-v4sdNuvD7rzdtEHSC1eAzo1IxHC_ITOBKoW-5dvE999osQ2AAC2qQrNBSL1Dyk1v00oYL73cDqTDrlR4SWiYfGZohHgck_v-iPxjAvwLn12GaixunPz4YSqpqezupQxzHA0Uz53mhM7nyDQeEOAO3Qi5Ramw6Xc90XtVSgqRgruTXiTu3CHKjq5WSNFNUzZOPY7CtwojwioT1n_-FM9324trAyy6VrLEiD4aXYMGSpUUfUeDb4thQ_C31SKcTCvf4z8r9QctXqBjPXZc18EQj6nhQ0B7xOu0LAfGYB1MJlinokqRm6FeQomlGzq5LoDlbzx16HCBdECflcb_s7n5WnFlQ5hwwsii4xerTNs3RlKQSKTgA1vmTIynowf2srdefTUsd6k6SPhjlRhcy5jj7gqBBtGnAh0XXl__AsZqVqZH0el5OyL5G0n4ak2QZemwFi4ukSF1hBte0Okz3_TPYkZvBcUXvAfSKw5Afee3ADt7guqu7i8BFWKoc_PVzxwL42v2k8T_9d5Fy0Z0nAJt2x6bUxXAs3wVvCukCxmogfvt_YVtd4ofgZAbIN1I0yh50ddFwchQ8ACbtgUW2Tl6GORFR-C1lXTBvxZ511zTpnYtLaovbjqU-yVS25p4uzhmsgr6XoQ74jOzoTps3uIonlLdNqwqg5Y_nD8NTGeTNXpfbnU7LIg8BrOUCuRN_g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
moatwrapper.js
svastx.moatads.com/thetradedeskvideo910663478306/ Frame 7CD3 		75 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://svastx.moatads.com/thetradedeskvideo910663478306/moatwrapper.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.165.166 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-165-166.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ce902998227a14b3b643152620abed0787f2bdf7919482271c84476043ced3a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
last-modified
Fri, 23 Jul 2021 21:55:05 GMT
server
AmazonS3
x-amz-request-id
D2TN093QZKVAJFME
etag
"2dbeb9abf08431acc61e80edeae617c9"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2901
accept-ranges
bytes
content-length
22068
x-amz-id-2
HpT3wcT6SJzB1ojyFmjR4JGkUo4PIoWoCLiBbErYEfmYV02ThPYx2U4ckEo7yiMGjXjcf0vRHrc=
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://simcast.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 13 Nov 2022 22:35:17 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
546925
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsimcast.com%2F&domain=simcast.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=mg4HrHx5U3dVYnc4MDd1NytVNTNzNXAzSlpLNUV1OVRJY0hhQ3NNaUZmS3M2K20wZnJVZExUcFR0Q2g2RDlSUlFiRThxbVdleTd6S1ZQQkozNjFHb2hIQkpYL0owaWhaS2RlQWNPZUhHOW4yTGdJTENjWDBWY2UxZitSZ3...
354 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mg4HrHx5U3dVYnc4MDd1NytVNTNzNXAzSlpLNUV1OVRJY0hhQ3NNaUZmS3M2K20wZnJVZExUcFR0Q2g2RDlSUlFiRThxbVdleTd6S1ZQQkozNjFHb2hIQkpYL0owaWhaS2RlQWNPZUhHOW4yTGdJTENjWDBWY2UxZitSZ3RVZGhGVTc0RXJDWVpxaEhZUHRQeXBKSDBwMmdCVy9NU213RHJHREJ1Nkk4SGI3RVpXVEJ0N042NGhvSzRLODJRdEtFeStYdFdmTHplTDJuRndUVmRFWlA1QUtlSTF3M3A5bDBSd1ZCOHdRdDc2NjFxYXVBPXw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
55238386f056c5336696978f6597eb75c6416b365135ffccf0d339be9ee88126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
691575
expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=mg4HrHx5U3dVYnc4MDd1NytVNTNzNXAzSlpLNUV1OVRJY0hhQ3NNaUZmS3M2K20wZnJVZExUcFR0Q2g2RDlSUlFiRThxbVdleTd6S1ZQQkozNjFHb2hIQkpYL0owaWhaS2RlQWNPZUhHOW4yTGdJTENjWDBWY2UxZitSZ3RVZGhGVTc0RXJDWVpxaEhZUHRQeXBKSDBwMmdCVy9NU213RHJHREJ1Nkk4SGI3RVpXVEJ0N042NGhvSzRLODJRdEtFeStYdFdmTHplTDJuRndUVmRFWlA1QUtlSTF3M3A5bDBSd1ZCOHdRdDc2NjFxYXVBPXw&cppv=2
access-control-allow-origin
https://simcast.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
736063
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sun, 13 Nov 2022 22:35:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
any
idx.liadm.com/idex/prebid/ 		54 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/any
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.207.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-207-182.compute-1.amazonaws.com
Software
/
Resource Hash
85b6c4e8a1bbca31c5fe51e3cd2bee514a5c54bc231898caf73ce52dc4bbc8ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
1
content-type
application/json
access-control-allow-origin
https://simcast.com
access-control-allow-credentials
true
trace-id
c2c6f54153e4f17b
content-length
54
expires
Mon, 14 Nov 2022 22:35:18 GMT
id
id.crwdcntrl.net/ 		77 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.138.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-138-69.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
73f945b70b38a7ea576d1bc6cdb5a3bf21c8a430ea3bfc8a9ae5b9883e3dc977

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://simcast.com
cache-control
no-cache
x-server
10.40.2.77
access-control-allow-credentials
true
content-length
77
expires
0
syncframe
gum.criteo.com/ Frame 7E15 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=simcast.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 22:35:18 GMT
server
Kestrel
server-processing-duration-in-ticks
387267
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 14 Nov 2022 22:35:18 GMT
xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/pfadx/N1160808.284566THETRADEDESK/B28048037.339950083;sz=0x0;ord=676462;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame 7CD3 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/pfadx/N1160808.284566THETRADEDESK/B28048037.339950083;sz=0x0;ord=676462;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=0;gdpr_consent=;ltd=
Requested by
Host: svastx.moatads.com
URL: https://svastx.moatads.com/thetradedeskvideo910663478306/moatwrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
d0c9812c13dea4688abc43636974163b04881ca1faa771dba635ea7fa160f5f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2436
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://simcast.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mg4HrHx5U3dVYnc4MDd1NytVNTNzNXAzSlpLNUV1OVRJY0hhQ3NNaUZmS3M2K20wZnJVZExUcFR0Q2g2RDlSUlFiRThxbVdleTd6S1ZQQkozNjFHb2hIQkpYL0owaWhaS2RlQWNPZUhHOW4yTGdJTENjWDBWY2UxZitSZ3RVZGhGVTc0RXJDWVpxaEhZUHRQeXBKSDBwMmdCVy9NU213RHJHREJ1Nkk4SGI3RVpXVEJ0N042NGhvSzRLODJRdEtFeStYdFdmTHplTDJuRndUVmRFWlA1QUtlSTF3M3A5bDBSd1ZCOHdRdDc2NjFxYXVBPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 13 Nov 2022 22:35:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
419854
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.244.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-244-115.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
cache-control
public, max-age=86400
last-modified
Thu, 10 Nov 2022 15:41:58 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
848360150c7285fb18cb4639a4bb09a3664499b3076d27648f1fd1ff8a7f538f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 09:46:31 GMT
server
cloudflare
x-amz-request-id
6G31H86GFH27FY4J
age
2207
etag
W/"903cd4a80ebccf0d9e448e2b133b585d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
769afad0ae348708-ORD
x-amz-id-2
8oSz0Sa+ENiGTKFBbWojAhnlc2NIo2GskcFhsUFh0qTp7TxYGQeem6o3ilVwgyJ7hC0AKsoBq/E=
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 14 Nov 2022 22:35:18 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f242f280a342b863b71dc67408bcdde0ce2dcf2d02e9dfa8500605dc26a06ed9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 16:35:08 GMT
content-encoding
gzip
via
1.1 5d3699e517195152b2b0917312ab80b8.cloudfront.net (CloudFront)
last-modified
Fri, 21 Oct 2022 16:32:12 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
21611
x-amz-server-side-encryption
AES256
etag
W/"a576cab5f14785e90bbbb12b6ee95a83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
quVGu4vW778u5Kq6HC3P5vzojT0QS9fTNqELShXDYfX8CdHOI4G1iw==
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.22.200.52 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-200-52.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210191347000/ Frame A50C 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 10 Nov 2022 18:05:40 GMT
age
275378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61564
x-xss-protection
0
server
sffe
etag
"84cdcac007f64412"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 10 Nov 2023 18:05:40 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame A50C 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 10 Nov 2022 03:46:27 GMT
age
326931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5198
x-xss-protection
0
server
sffe
etag
"aeb1502543fb438c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 10 Nov 2023 03:46:27 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame A50C 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 10 Nov 2022 13:25:12 GMT
age
292206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28845
x-xss-protection
0
server
sffe
etag
"fdb7364f8f067758"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 10 Nov 2023 13:25:12 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame A50C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 12 Nov 2022 00:45:09 GMT
age
165009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1912
x-xss-protection
0
server
sffe
etag
"9f4a70ec77acc0d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 12 Nov 2023 00:45:09 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame A50C 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 10 Nov 2022 03:47:38 GMT
age
326860
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"2923b90bb7365105"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 10 Nov 2023 03:47:38 GMT
css
fonts.googleapis.com/ Frame A50C 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Nov 2022 21:03:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Nov 2022 22:35:18 GMT
container.html
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 6DD4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 22:35:17 GMT
expires
Mon, 13 Nov 2023 22:35:17 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 8509 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 22:35:17 GMT
expires
Mon, 13 Nov 2023 22:35:17 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 6858 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 22:35:17 GMT
expires
Mon, 13 Nov 2023 22:35:17 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A50C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 00:24:45 GMT
x-content-type-options
nosniff
server
cafe
age
79833
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 14 Nov 2022 00:24:45 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A50C 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 02:12:17 GMT
x-content-type-options
nosniff
server
cafe
age
73381
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 14 Nov 2022 02:12:17 GMT
l
www.google.com/ads/measurement/ Frame A50C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSn8T3o0G_c8wFIu-zn4F4PPJJ5VNlflrc44KERfbaV85icQ5AAu6R17sthlx187LSsXRnF0zlNxewL7Sl05AeRlXf9YQ
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame A50C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmZQJJXFxY4iWMoWOvPIPhtik6A2s_5W0bcXA4O3IEOTS9pj-DhABIIb3hiZgybajiPCj7BKgAcm6_-woyAEJqQJAMbvREFyxPuACAKgDAcgDCqoE-QFP0OoOohxDCaFAfk9W9lG6sztwy3k-XyRjkEooaIi1puwyP053rlIP13nrDM6S4CDGNcTZ1W36WzNG_fYOLyOfyFApDYtMCXL5gpv0k1JBsEwPoKy0YupunyCiFDxS1lhf43Rri94nqcRJEVxZbBMnqByU3shaLzMp1LEHqfEfNCQOC6q07KVNRug2Cv1PXJMkUfvXwhhMpKguxB7QYDD1HNJNneOCKTe6ZS5QN7RW4j0jgYj4-vCgVkyUZ1B-BkzwSyy4r3C-1J0C1vfEFSqtDkX7_fEDQTIJpczdmOpY2QlAAIxgs_7kzsp83bmiD3CafxcR4MLr2SDABPua6smVBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfJ8s_MA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEN_xAtIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi0xMDYyOTcyODYxNTUzMzAzGIHUHA&sigh=b3CHhs8aUgE&uach_m=[UACH]&cid=CAQSOwDq26N9mTUC2VRvB_anvfzwih4uHPrUjR7fFzkzZDVy93pdVBDlX0bE3A7Cje6Ybt-r_fJpKOrA0iEKGAEgEw&template_id=5000
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
downsize_200k_v1
tpc.googlesyndication.com/simgad/10569763354883201461/ Frame A50C 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10569763354883201461/downsize_200k_v1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e5964b26d7652c3aa35a544b72a0031a602b53a979e53fd39a279df794c1c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 23:13:14 GMT
x-content-type-options
nosniff
age
256924
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71528
x-xss-protection
0
last-modified
Sun, 30 Oct 2022 15:19:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 10 Nov 2023 23:13:14 GMT
truncated
/ Frame A50C 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A50C 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A50C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e4d9bcd4312dc1853f4059e1c4939cd6e64136aca303d07d4623cbe09a2ed90

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
sid
mug.criteo.com/ Frame 7E15
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=simcast.com&sn=ChromeSyncframe&so=0&topUrl=simcast.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=p1fK9XxUY0xZdWZScE90OUpzRmkwZkUxa29sQlg1MXlRdG9XeWFWT3lDa05xWkNORjRTRDFPb0QwbCt1Tnc2ejR3U0lmSVlyMXloYVJvUDJqbk43czhYd1NlM3VrZG9NQ2tUbUp5TW9Bd3hMc1VQaWxBQVpCQnRNV1pET3...
428 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=p1fK9XxUY0xZdWZScE90OUpzRmkwZkUxa29sQlg1MXlRdG9XeWFWT3lDa05xWkNORjRTRDFPb0QwbCt1Tnc2ejR3U0lmSVlyMXloYVJvUDJqbk43czhYd1NlM3VrZG9NQ2tUbUp5TW9Bd3hMc1VQaWxBQVpCQnRNV1pET3pPeEg4eHlkT3krcjZscXhaVm9zTmxxRXdpOFlsc0MwdHhWdzB4a2pBNmdoWWV4dzdRMVhWcytHS0o3OHVCRkl5dHNIa2dGaHl5Q1UxNEc5elVlSEJxVEdGKy9sN25xSGNFeEtkbTErVk1tQk5ESEw2WTl4TWFxaFZYNUo2VS9UbS93TjJpZWdRTmVkcHB2L3FuRVNsQlJnMXovMkhPZz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b3b4711ab05c86f88101b6253b558863a0e475398abd71a5be88799ffde2ae8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2491754
expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=p1fK9XxUY0xZdWZScE90OUpzRmkwZkUxa29sQlg1MXlRdG9XeWFWT3lDa05xWkNORjRTRDFPb0QwbCt1Tnc2ejR3U0lmSVlyMXloYVJvUDJqbk43czhYd1NlM3VrZG9NQ2tUbUp5TW9Bd3hMc1VQaWxBQVpCQnRNV1pET3pPeEg4eHlkT3krcjZscXhaVm9zTmxxRXdpOFlsc0MwdHhWdzB4a2pBNmdoWWV4dzdRMVhWcytHS0o3OHVCRkl5dHNIa2dGaHl5Q1UxNEc5elVlSEJxVEdGKy9sN25xSGNFeEtkbTErVk1tQk5ESEw2WTl4TWFxaFZYNUo2VS9UbS93TjJpZWdRTmVkcHB2L3FuRVNsQlJnMXovMkhPZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
326150
content-length
0
expires
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 6DD4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkV0YJXFxY4mWMoWOvPIPhtik6A3B9rKPXLaXxJmPBcCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBPkBT9AEOgZS1QDmC5vKtxSj6AnTX--R7rsHYeOAun07y9QKaDYuGxiDWDpkhW3YsZBkBzqFFXUV7S9de01pSh3T3tYmPNBS5CX4iGP2PdX1IcM0sdiIfdl5UvUEgodoMUm32DNBdrk583_9lEOW68h_QyycoGZOoEWetVBZLxKsMhLFY7HNP4w6nAuw57_er3o4wsAODo4kK7uIg1zBuPCbUzGIPjXUlXQZdwgXw2zdWUGfPq8gVUgVxMQMZY1T2eX9leXFt8nCW1DBbDY2m7No5r3Iy3zeoDDf-cVvArAgTywa21GKM5cMLAluOVnbtZVz-Y_Qcay1yOjM4AQBgAbJyYeEvaH-9IoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTA2Mjk3Mjg2MTU1MzMwMxiB1Bw&sigh=KEufT26gLA0&uach_m=[UACH]&cid=CAQSOwDq26N9mTUC2VRvB_anvfzwih4uHPrUjR7fFzkzZDVy93pdVBDlX0bE3A7Cje6Ybt-r_fJpKOrA0iEKGAEgEw&tpd=AGWhJmtg8UHIbBR7tnnkV_UHEfWFle3_PQEifOaS9VMJNI2iBurmuTzWkDHcXc-U5xHhJTD532bzR5N7TF3gjRzARFBDVoi5k7u6W_0z191k0nDbeF32s_YtGJtjE2MfVOt3WdloVoFq79gvtpeTI6DQYmCysrRShZRn9fBRSheViUP5e1MLM84hfaUoAW1yHrsICm01beuOigEpOn7Rs5H_d-3BUNZ8r_UtZxJDNN4vlIita-DD3zYd4qFu5QxSRYQn8AuG4ylG-C1pTibFO7Xe4poWul2IdKDkG6tMW82WTOlwoUv_gKVz-ZrQLOJb0yl2H5W-992h5XdNLpdhOza0NSTBSKv8vXFXz-YO7_WslQKNvcZMQRguDoyF3MmlmjVdPqkd9O1LL_c6VILRSSphpUN_c9WO
Requested by
Host: tryyourfirst.icu
URL: http://tryyourfirst.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
js
a-iad2.1rx.io/rtbdeliver/ Frame 6DD4 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a-iad2.1rx.io/rtbdeliver/js?excid=rmpssp&pickup=f21d035853bd7efc27b1ff8db6aafd40&zrk=5fb47cb7427c98d8522fc130d7959629&imp=01f434f7069e6503b2d62cd06fa98687be&bet=MTY2ODM4MjUxODAyNQ&pv=1&prc=ZX0.10566549938413727&rtbserve=1&zclkredir=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrCRNJXFxY4mWMoWOvPIPhtik6A3B9rKPXLaXxJmPBcCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBPwBT9AEOgZS1QDmC5vKtxSj6AnTX--R7rsHYeOAun07y9QKaDYuGxiDWDpkhW3YsZBkBzqFFXUV7S9de01pSh3T3tYmPNBS5CX4iGP2PdX1IcM0sdiIfdl5UvUEgodoMUm32DNBdrk583_9lEOW68h_QyycoGZOoEWetVBZLxKsMhLFY7HNP4w6nAuw57_er3o4wsAODo4kK7uIg1zBuPCbUzGIPjXUlXQZdwgXw2zdWUGfPq8gVUgVxMQMZY1T2eX9leXFt8nCW1DBbDY2m7No5r3Iy3ycohBNWUK0OQf7cbzz18VLkaskJSd2nt8quQG4UpH8aQ4WC9N7feMo4AQBgAbJyYeEvaH-9IoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1aXpxJWtMlHQqGM2Wt41WFUHct1Q%26client%3Dca-pub-1062972861553303%26adurl%3D&extra=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.222 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
05a95b8cbcb09bfe59002e3aa598204c9b3b0444f3ee607d5655327d96522692

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-length
1427
content-type
text/javascript
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 6DD4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 18:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
13824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 18:44:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 6DD4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 18:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
13824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7417
x-xss-protection
0
server
cafe
etag
18318620284716439044
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 18:44:54 GMT
l
www.google.com/ads/measurement/ Frame 6DD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQze9i1kBWv6p01hQ6571F6ZRkagWgEU05Ke3VH3rL0qQIb1r1trC-J5hGrruX5JGDF5lY1ewSciOMulTfKhwwWqDWeyQ
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 6DD4 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 08:43:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
309091
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 10 Nov 2023 08:43:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6DD4 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Nov 2022 22:35:18 GMT
moatvideo.js
z.moatads.com/thetradedeskvideo910663478306/ 		357 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/thetradedeskvideo910663478306/moatvideo.js
Requested by
Host: svastx.moatads.com
URL: https://svastx.moatads.com/thetradedeskvideo910663478306/moatwrapper.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.165.166 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-165-166.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
79d4d6d7dbafe539e2a973cc0030b1b2550c2defe99d7c809c7fefc1094d8670

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 15:45:19 GMT
server
AmazonS3
x-amz-request-id
H66SC0D12B1GXQBD
etag
"a210e798c8958d682c7cd06bb38a04b1"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=41039
accept-ranges
bytes
content-length
121661
x-amz-id-2
4SbbQ2Vai2pbqTGyFWl1L1ZL0E9pKEXkPAcbpRjT9L6MuaamMF6v6E71fX0smPCUz9zmMLeyA+I=
adview
securepubads.g.doubleclick.net/pagead/ Frame 8509 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDYCNJXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE9wFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI0BwDOeeQS355yfM0qvyykn7VVHKuIPsn1obw0ISwBeKjZF0z-m4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTA2Mjk3Mjg2MTU1MzMwMxiB1Bw&sigh=hv_7qsVH7wA&uach_m=[UACH]&cid=CAQSOwDq26N9mTUC2VRvB_anvfzwih4uHPrUjR7fFzkzZDVy93pdVBDlX0bE3A7Cje6Ybt-r_fJpKOrA0iEKGAEgEw
Requested by
Host: tryyourfirst.icu
URL: http://tryyourfirst.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
notify
rtb.va.us.criteo.com/google/auction/ Frame 8509 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k73bE4GwB6wC-gHiIp0XAgAAANzcIsRkPmti9TWInwk5jtsQJXFxY8rAdhjYz2WAkkIYABIAAA&wp=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg
Requested by
Host: tryyourfirst.icu
URL: http://tryyourfirst.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
203621
content-length
0
afr.php
ads.us.criteo.com/delivery/r/ Frame B11B 		152 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
38598dd250ef73d19ebfa64e8790bfa82f48e8682ff8914c8c70a02ad0fe4940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 22:35:18 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=Av_-Cv7IxGoJ1inCMgmkbZSAUyY49AlV0huUhJlqg1K3OVckj-kGHNOtdj8cia1gjtOW0QsRla0mJsMsAoL115_13TH3VbwU_FOZvD9-4HBvCwGPhINgtPcVgnj2tFgb9HQxlWW9ibW12J0hCrsJAboPHH8BQJryVek8Qj5lCZhqhIuY49CjavFLOuYdkLO1RBi-TyE6Duvi62OSK6nRJlSvy00s_bmb543hSSe08DjqL75u7vCumBpcqyrcMGWqGTqNbQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
87860558
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 8509 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 18:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
13824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 18:44:54 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D91E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
12493
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 19:07:05 GMT
etag
48472445140208031
expires
Mon, 14 Nov 2022 19:07:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 8509 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 18:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
13824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7417
x-xss-protection
0
server
cafe
etag
18318620284716439044
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 18:44:54 GMT
l
www.google.com/ads/measurement/ Frame 8509 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmyXsIXVV5BAVnMqC81E0x7hhndO0HGXmuqtPlPPGk66sJBwq8SAzS_QnJkvZ-UPrRDOPQXWR0L2gYQdgtGeKDueqaew
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 8509 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 08:43:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
309091
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 10 Nov 2023 08:43:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8509 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Nov 2022 22:35:18 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6858 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWrkuJXFxY4uWMoWOvPIPhtik6A3B9rKPXLaXxJmPBcCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBP8BT9D5nm66S30_6SUdfi48OewT5Cy3aV6NNFNHsew69WtUFqqx-0oV0cVaAKE8YXsm7Kxio8MeCEmmPAz2DFf_rqz7TgUli0KZ_8f74rCXgREMn4RSxjvt-VOtEcHAVVjvgEfyOesiAYu8z4IvInqvKFG2TjhnV71OHBl5_CrdIHs7TalKX3lcq2Oqth_Jya6gWxxrM4zUBxpb-vMoc9j_u_mA4JaLrYh5jyvfheH5t8lVCGBm0AToGpfvdpPcfk38D3PUsT-XwHC1MZQXkzgPLDq-XJsAFlrl5OPJ3mrnHoduOiQJBaWwsqX_Uk4euTxiN7bGxtjSk0CP6twLvLN-4AQBgAaV6OiE7PO6z5wBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTA2Mjk3Mjg2MTU1MzMwMxiB1Bw&sigh=6D-IX54jeJ8&uach_m=[UACH]&cid=CAQSOwDq26N9mTUC2VRvB_anvfzwih4uHPrUjR7fFzkzZDVy93pdVBDlX0bE3A7Cje6Ybt-r_fJpKOrA0iEKGAEgEw&tpd=AGWhJmtl0OPY0D--yDEfaj35tliAYxGyKMzzoPqbn6BOpntpj5MSHtocSFrsWQEDSbpL3WhfMkCk0woEpQeAYao6v0p0exRJxyLQhHIk8Q5e_UFHzlYT5w3DEMqV3vdbd2t7nlRTAw_LbKj6QUOPU_-e6L42nTQdWdFMH0MeMuILMnnmHKHxrM6kpMANNLHIkiw2ACYI3qY6kLPd_xRh_kn9wsP4UN3TSTIi1mCU-YjbzYCW40CV0dZjfHI5LJT4R2t4TpFBAVyTn-gQ10Y2Dn9KoyZeYbGfgREgOg-sKzXMnsICxRj7Lak-LD2Q9PKaCv1-NFrSccBwGdKDFAXNpXYLY9LC3gCaKuXrmdx3krxTL1mcLimU5P888v8PwzXw17-lKmtXvnqprmdAJKV4079Cx5j2D6p_Zw
Requested by
Host: tryyourfirst.icu
URL: http://tryyourfirst.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
js
a-iad2.1rx.io/rtbdeliver/ Frame 6858 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a-iad2.1rx.io/rtbdeliver/js?excid=rmpssp&pickup=22721e43d482468e99382d882e9e2d0c&zrk=1c6b8692a5a0980862dd7bdc7a2aa127&imp=01b39df308ff0de05b392b8ad750e32e74&bet=MTY2ODM4MjUxODEwNg&pv=1&prc=ZX0.49630331589974963&rtbserve=1&zclkredir=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKJYTJXFxY4uWMoWOvPIPhtik6A3B9rKPXLaXxJmPBcCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBIICT9D5nm66S30_6SUdfi48OewT5Cy3aV6NNFNHsew69WtUFqqx-0oV0cVaAKE8YXsm7Kxio8MeCEmmPAz2DFf_rqz7TgUli0KZ_8f74rCXgREMn4RSxjvt-VOtEcHAVVjvgEfyOesiAYu8z4IvInqvKFG2TjhnV71OHBl5_CrdIHs7TalKX3lcq2Oqth_Jya6gWxxrM4zUBxpb-vMoc9j_u_mA4JaLrYh5jyvfheH5t8lVCGBm0AToGpfvdpPcfk38D3PUsT-XwHC1MZQXkzgPLDq-XJsAFlrl5OOL3Ep1vgC1AZPSOzVZvjE-8HI2sBJ6kDA3ykwZOF6j8n6of4jJk1MY4AQBgAaV6OiE7PO6z5wBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hCQd4VpPcSRLiwAlry9hgeJWMtA%26client%3Dca-pub-1062972861553303%26adurl%3D&extra=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.222 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
4ee9f9cdaf50270c15f0fe86a3785a8b1325ee193dccf6396a278215e3f8137a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-length
1434
content-type
text/javascript
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 6858 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 18:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
13824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 18:44:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 6858 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 18:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
13824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7417
x-xss-protection
0
server
cafe
etag
18318620284716439044
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 18:44:54 GMT
l
www.google.com/ads/measurement/ Frame 6858 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1ie4oIv2MY3e5qFlICOEUeEPA1CNBCb4OSElkawMllUM8ip5E01KRsjK-iWcT7cEpADaoSseCvjclg2-T2kz4dT6Prw
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 6858 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 08:43:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
309091
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 10 Nov 2023 08:43:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6858 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Nov 2022 22:35:18 GMT
file.mp4
r2---sn-vgqsrnz7.c.2mdn.net/videoplayback/id/38016109cdc666b6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3803206166/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/38016109cdc666b6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3803206166/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r2---sn-vgqsrnz7.c.2mdn.net/videoplayback/id/38016109cdc666b6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3803206166/sparams/acao,ctier,expire,id,ip,ipbits,ita...
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-vgqsrnz7.c.2mdn.net/videoplayback/id/38016109cdc666b6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3803206166/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/55993217F8AD93F45081BE78BA250890E42CB962.27E6D60A339AD31800FC9FF05B57EB9308D7E595/key/cms1/cms_redirect/yes/mh/5y/mip/2602:ffc8:1:1::7/mm/42/mn/sn-vgqsrnz7/ms/onc/mt/1668378058/mv/u/mvi/2/pl/48/file/file.mp4
Protocol
HTTP/1.1
Server
2607:f8b0:4009:1e::7 Naperville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
3f36180c2d54beb42a6eb01af6bb0050404e139eabc341417cac1c5ac2de91bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 25 Jul 2022 14:07:01 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1472867/1472868
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1472868
Expires
Sun, 13 Nov 2022 22:35:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-vgqsrnz7.c.2mdn.net/videoplayback/id/38016109cdc666b6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3803206166/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/55993217F8AD93F45081BE78BA250890E42CB962.27E6D60A339AD31800FC9FF05B57EB9308D7E595/key/cms1/cms_redirect/yes/mh/5y/mip/2602:ffc8:1:1::7/mm/42/mn/sn-vgqsrnz7/ms/onc/mt/1668378058/mv/u/mvi/2/pl/48/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
646
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e6ac4e12a751b99eaa10456c87ae78888aeac9d3cb212f00aa8f87ad28328ae1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
increment
id5-sync.com/api/esp/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://simcast.com
date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A50C 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://simcast.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 10:24:40 GMT
x-content-type-options
nosniff
age
216638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 10:24:40 GMT
truncated
/ Frame 8509 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93726082e416b385b3801acdfcd3b82ff8033b8ec8ca3bb9b5abf46c26d56ba1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame D91E
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEKyM-RkEmiFny26fsG_WkCo&google_cver=1&google_push=ASkJ3Fb-Gfa3HhAUA6560iwIBcQ3hVM781f7TO0vvbLufTPAl-N7zgxMGe6Jx6N0nPkZi3AmTMCYh6QH90pefeyqmkscHCM2I7EY
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ASkJ3Fb-Gfa3HhAUA6560iwIBcQ3hVM781f7TO0vvbLufTPAl-N7zgxMGe6Jx6N0nPkZi3AmTMCYh6QH90pefeyqmkscHCM2I7EY&google_hm=UjFENTMxX0Y5NEVC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ASkJ3Fb-Gfa3HhAUA6560iwIBcQ3hVM781f7TO0vvbLufTPAl-N7zgxMGe6Jx6N0nPkZi3AmTMCYh6QH90pefeyqmkscHCM2I7EY&google_hm=UjFENTMxX0Y5NEVCMERDXzdEMDY3NTA5
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ASkJ3Fb-Gfa3HhAUA6560iwIBcQ3hVM781f7TO0vvbLufTPAl-N7zgxMGe6Jx6N0nPkZi3AmTMCYh6QH90pefeyqmkscHCM2I7EY&google_hm=UjFENTMxX0Y5NEVCMERDXzdEMDY3NTA5
Date
Sun, 13 Nov 2022 22:35:17 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-351365718; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
338
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame D91E
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEH1wm2dfdSr3lHhW1CAYeuo&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTM3NDc0MmItZGQ0Ni00YzU1LTg5NmMtZWFhYjY1ODdjYzc3&google_gid=CAESEH1wm2dfdSr3lHhW1CAYeuo&google_cver=1&google_push=ASkJ3Fbm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTM3NDc0MmItZGQ0Ni00YzU1LTg5NmMtZWFhYjY1ODdjYzc3&google_gid=CAESEH1wm2dfdSr3lHhW1CAYeuo&google_cver=1&google_push=ASkJ3Fbm4qPNDDH02FaO9eEN9Bg0VB4ajyROeehKEMCO8XDzERs68Ftthyc0StU0EmgVHbusDDzu0jNrRr2-5qLSJTSDRCGJLT-O
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTM3NDc0MmItZGQ0Ni00YzU1LTg5NmMtZWFhYjY1ODdjYzc3&google_gid=CAESEH1wm2dfdSr3lHhW1CAYeuo&google_cver=1&google_push=ASkJ3Fbm4qPNDDH02FaO9eEN9Bg0VB4ajyROeehKEMCO8XDzERs68Ftthyc0StU0EmgVHbusDDzu0jNrRr2-5qLSJTSDRCGJLT-O
date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D91E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMuFQkoPyPSvsWXlgIMK0JU&google_cver=1&google_push=ASkJ3Fb3wiORi-8H_ag0QwoMNyYcLqU2emwB0mkv5TUf0KRBjfoR2H0rasmcG1F7TISN2R2Ozh-i2RuV...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMuFQkoPyPSvsWXlgIMK0JU&google_cver=1&google_push=ASkJ3Fb3wiORi-8H_ag0QwoMNyYcLqU2emwB0mkv5TUf0KRBjfoR2H0rasmcG1F7TISN2R2Ozh-...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ4MTE4NzQ4NDk4NzQzNjQ1MA&google_push=ASkJ3Fb3wiORi-8H_ag0QwoMNyYcLqU2emwB0mkv5TUf0KRBjfoR2H0rasmcG1F7TISN2R2Ozh-i2R...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ4MTE4NzQ4NDk4NzQzNjQ1MA&google_push=ASkJ3Fb3wiORi-8H_ag0QwoMNyYcLqU2emwB0mkv5TUf0KRBjfoR2H0rasmcG1F7TISN2R2Ozh-i2RuV14V94BBlMrX5bglg-EA
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ4MTE4NzQ4NDk4NzQzNjQ1MA&google_push=ASkJ3Fb3wiORi-8H_ag0QwoMNyYcLqU2emwB0mkv5TUf0KRBjfoR2H0rasmcG1F7TISN2R2Ozh-i2RuV14V94BBlMrX5bglg-EA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame D91E
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEOcqxMtz4cHgmaBveCTq8E8&c_param1=ASkJ3FY2hUg7bwXMIgzr-m9DH-GFM8YZ-mjvBEDsHmM2H08dtPFuJ4CKdSDRsPqJl8PRlHCvVoElQ87EFrEo0hAhkfNbRGOL9hI&gdpr=%%GDPR%%&a...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FY2hUg7bwXMIgzr-m9DH-GFM8YZ-mjvBEDsHmM2H08dtPFuJ4CKdSDRsPqJl8PRlHCvVoElQ87EFrEo0hAhkfNbRGOL9hI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FY2hUg7bwXMIgzr-m9DH-GFM8YZ-mjvBEDsHmM2H08dtPFuJ4CKdSDRsPqJl8PRlHCvVoElQ87EFrEo0hAhkfNbRGOL9hI
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FY2hUg7bwXMIgzr-m9DH-GFM8YZ-mjvBEDsHmM2H08dtPFuJ4CKdSDRsPqJl8PRlHCvVoElQ87EFrEo0hAhkfNbRGOL9hI
date
Sun, 13 Nov 2022 22:35:18 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame D91E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEv7pwm_oCg_1jBcIImUCew&google_cver=1&google_push=ASkJ3Fa1tzF_k2kIf_VL_hfIhaeeEEbqUUjisn8IqeSjoFPyTgaL8D6xStvC6Kid1oLzJYECVTTZR9yOpFCj...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhHMh_v2zcy0BliUqF9hgJnslHtIDhaEarg&google_push=ASkJ3Fa1tzF_k2kIf_VL_hfIhaeeEEbqUUjisn8IqeSjoFPyTgaL8D6xStvC6Kid1oLzJYECVTTZR9yOpF...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhHMh_v2zcy0BliUqF9hgJnslHtIDhaEarg&google_push=ASkJ3Fa1tzF_k2kIf_VL_hfIhaeeEEbqUUjisn8IqeSjoFPyTgaL8D6xStvC6Kid1oLzJYECVTTZR9yOpFCjlE4P5nDcNpGWNF9B
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhHMh_v2zcy0BliUqF9hgJnslHtIDhaEarg&google_push=ASkJ3Fa1tzF_k2kIf_VL_hfIhaeeEEbqUUjisn8IqeSjoFPyTgaL8D6xStvC6Kid1oLzJYECVTTZR9yOpFCjlE4P5nDcNpGWNF9B
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame D91E
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEFnZ0FsMSY4cwm131dqFgSA&google_cver=1&google_push=ASkJ3FbJzuPdtbjnusnVlRCTr6iZd58h81tj2EJMT296NJkLs0ntoqJASKfCpIthZSWlD25X1CL_...
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEFnZ0FsMSY4cwm131dqFgSA&google_cver=1&google_push=ASkJ3FbJzuPdtbjnusnVlRCTr6iZd58h81tj2EJMT296NJkLs0ntoqJASKfCpIthZSWlD2...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=wJBSfsi7Sue4QJiDYPzgOw==&no_redirect=1&google_push=ASkJ3FbJzuPdtbjnusnVlRCTr6iZd58h81tj2EJMT296NJkLs0ntoq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=wJBSfsi7Sue4QJiDYPzgOw==&no_redirect=1&google_push=ASkJ3FbJzuPdtbjnusnVlRCTr6iZd58h81tj2EJMT296NJkLs0ntoqJASKfCpIthZSWlD25X1CL_j9pIOcPyGI0VNrs3F9FqotRBrw
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=wJBSfsi7Sue4QJiDYPzgOw==&no_redirect=1&google_push=ASkJ3FbJzuPdtbjnusnVlRCTr6iZd58h81tj2EJMT296NJkLs0ntoqJASKfCpIthZSWlD25X1CL_j9pIOcPyGI0VNrs3F9FqotRBrw
date
Sun, 13 Nov 2022 22:35:18 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame D91E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHpUtQCzaNnFbpuVJZMsgqk&google_cver=1&google_push=ASkJ3FbHG3ITLlyLH2GM9OupDaX90EMyX8Z-9hkox0Epqqne-O87oAk961tTQwwFSBoAvKqNXF...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uakptYlNwRTJ1SExDZ0FnaDV0ZUJESlV2TUhhSDJrdX5B&google_push=ASkJ3FbHG3ITLlyLH2GM9OupDaX90EMyX8Z-9hkox0Epqqne-O87oAk96...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uakptYlNwRTJ1SExDZ0FnaDV0ZUJESlV2TUhhSDJrdX5B&google_push=ASkJ3FbHG3ITLlyLH2GM9OupDaX90EMyX8Z-9hkox0Epqqne-O87oAk961tTQwwFSBoAvKqNXFXkvcTWelzcyvZKs1R0z7xropY5rA
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uakptYlNwRTJ1SExDZ0FnaDV0ZUJESlV2TUhhSDJrdX5B&google_push=ASkJ3FbHG3ITLlyLH2GM9OupDaX90EMyX8Z-9hkox0Epqqne-O87oAk961tTQwwFSBoAvKqNXFXkvcTWelzcyvZKs1R0z7xropY5rA
date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame D91E 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQ0EiOt9NXfBQyTq1Ak2sW0wiNnmAaYG7N7_Q478zRip7Istti_RRHr-KclF8yH3qTwyJNG6g
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
js
a-iad2.1rx.io/rtbdeliver/ Frame 6858 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a-iad2.1rx.io/rtbdeliver/js?excid=rmpssp&pickup=22721e43d482468e99382d882e9e2d0c&zrk=1c6b8692a5a0980862dd7bdc7a2aa127&imp=01b39df308ff0de05b392b8ad750e32e74&bet=MTY2ODM4MjUxODEwNg&pv=1&prc=ZX0.8830869240697277&zclkredir=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CKJYTJXFxY4uWMoWOvPIPhtik6A3B9rKPXLaXxJmPBcCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBIICT9D5nm66S30_6SUdfi48OewT5Cy3aV6NNFNHsew69WtUFqqx-0oV0cVaAKE8YXsm7Kxio8MeCEmmPAz2DFf_rqz7TgUli0KZ_8f74rCXgREMn4RSxjvt-VOtEcHAVVjvgEfyOesiAYu8z4IvInqvKFG2TjhnV71OHBl5_CrdIHs7TalKX3lcq2Oqth_Jya6gWxxrM4zUBxpb-vMoc9j_u_mA4JaLrYh5jyvfheH5t8lVCGBm0AToGpfvdpPcfk38D3PUsT-XwHC1MZQXkzgPLDq-XJsAFlrl5OOL3Ep1vgC1AZPSOzVZvjE-8HI2sBJ6kDA3ykwZOF6j8n6of4jJk1MY4AQBgAaV6OiE7PO6z5wBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_3hCQd4VpPcSRLiwAlry9hgeJWMtA&client=ca-pub-1062972861553303&adurl=&pg=https%3A%2F%2Faac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html&pgao=https%3A%2F%2Fsimcast.com&refer=https%3A%2F%2Fsimcast.com%2F
Requested by
Host: a-iad2.1rx.io
URL: https://a-iad2.1rx.io/rtbdeliver/js?excid=rmpssp&pickup=22721e43d482468e99382d882e9e2d0c&zrk=1c6b8692a5a0980862dd7bdc7a2aa127&imp=01b39df308ff0de05b392b8ad750e32e74&bet=MTY2ODM4MjUxODEwNg&pv=1&prc=ZX0.49630331589974963&rtbserve=1&zclkredir=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKJYTJXFxY4uWMoWOvPIPhtik6A3B9rKPXLaXxJmPBcCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBIICT9D5nm66S30_6SUdfi48OewT5Cy3aV6NNFNHsew69WtUFqqx-0oV0cVaAKE8YXsm7Kxio8MeCEmmPAz2DFf_rqz7TgUli0KZ_8f74rCXgREMn4RSxjvt-VOtEcHAVVjvgEfyOesiAYu8z4IvInqvKFG2TjhnV71OHBl5_CrdIHs7TalKX3lcq2Oqth_Jya6gWxxrM4zUBxpb-vMoc9j_u_mA4JaLrYh5jyvfheH5t8lVCGBm0AToGpfvdpPcfk38D3PUsT-XwHC1MZQXkzgPLDq-XJsAFlrl5OOL3Ep1vgC1AZPSOzVZvjE-8HI2sBJ6kDA3ykwZOF6j8n6of4jJk1MY4AQBgAaV6OiE7PO6z5wBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hCQd4VpPcSRLiwAlry9hgeJWMtA%26client%3Dca-pub-1062972861553303%26adurl%3D&extra=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.222 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
916f8df8e8fe9760456ae7997f261122db49bb9c3dde724fd3e33e886b54525b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-length
6369
content-type
text/javascript
js
a-iad2.1rx.io/rtbdeliver/ Frame 6DD4 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a-iad2.1rx.io/rtbdeliver/js?excid=rmpssp&pickup=f21d035853bd7efc27b1ff8db6aafd40&zrk=5fb47cb7427c98d8522fc130d7959629&imp=01f434f7069e6503b2d62cd06fa98687be&bet=MTY2ODM4MjUxODAyNQ&pv=1&prc=ZX0.21061714051441727&zclkredir=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CrCRNJXFxY4mWMoWOvPIPhtik6A3B9rKPXLaXxJmPBcCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBPwBT9AEOgZS1QDmC5vKtxSj6AnTX--R7rsHYeOAun07y9QKaDYuGxiDWDpkhW3YsZBkBzqFFXUV7S9de01pSh3T3tYmPNBS5CX4iGP2PdX1IcM0sdiIfdl5UvUEgodoMUm32DNBdrk583_9lEOW68h_QyycoGZOoEWetVBZLxKsMhLFY7HNP4w6nAuw57_er3o4wsAODo4kK7uIg1zBuPCbUzGIPjXUlXQZdwgXw2zdWUGfPq8gVUgVxMQMZY1T2eX9leXFt8nCW1DBbDY2m7No5r3Iy3ycohBNWUK0OQf7cbzz18VLkaskJSd2nt8quQG4UpH8aQ4WC9N7feMo4AQBgAbJyYeEvaH-9IoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_1aXpxJWtMlHQqGM2Wt41WFUHct1Q&client=ca-pub-1062972861553303&adurl=&pg=https%3A%2F%2Faac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html&pgao=https%3A%2F%2Fsimcast.com&refer=https%3A%2F%2Fsimcast.com%2F
Requested by
Host: a-iad2.1rx.io
URL: https://a-iad2.1rx.io/rtbdeliver/js?excid=rmpssp&pickup=f21d035853bd7efc27b1ff8db6aafd40&zrk=5fb47cb7427c98d8522fc130d7959629&imp=01f434f7069e6503b2d62cd06fa98687be&bet=MTY2ODM4MjUxODAyNQ&pv=1&prc=ZX0.10566549938413727&rtbserve=1&zclkredir=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrCRNJXFxY4mWMoWOvPIPhtik6A3B9rKPXLaXxJmPBcCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBPwBT9AEOgZS1QDmC5vKtxSj6AnTX--R7rsHYeOAun07y9QKaDYuGxiDWDpkhW3YsZBkBzqFFXUV7S9de01pSh3T3tYmPNBS5CX4iGP2PdX1IcM0sdiIfdl5UvUEgodoMUm32DNBdrk583_9lEOW68h_QyycoGZOoEWetVBZLxKsMhLFY7HNP4w6nAuw57_er3o4wsAODo4kK7uIg1zBuPCbUzGIPjXUlXQZdwgXw2zdWUGfPq8gVUgVxMQMZY1T2eX9leXFt8nCW1DBbDY2m7No5r3Iy3ycohBNWUK0OQf7cbzz18VLkaskJSd2nt8quQG4UpH8aQ4WC9N7feMo4AQBgAbJyYeEvaH-9IoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1aXpxJWtMlHQqGM2Wt41WFUHct1Q%26client%3Dca-pub-1062972861553303%26adurl%3D&extra=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.222 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
b25f4b3fdb45046ad67c4d568fec24aa4e4395fb80cb75688ac8988c7828784b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-length
6391
content-type
text/javascript
privacy_small.svg
static.criteo.net/flash/icon/ Frame B11B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 08 Nov 2023 22:35:18 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame B11B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 08 Nov 2023 22:35:18 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame B11B 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 08 Nov 2023 22:35:18 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame B11B 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 08 Nov 2023 22:35:18 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame B11B 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=3ul16OIkkuurvLUIE0vTJCRiUTMSU71hbpYh5UlEICQYk933j9HCTSRyvFLMOTuwfSVbBJNAzs9_uPCLk2xdZwrFAzxle-Ct1UeJKNkDgM2_fuNqcIbXXWazmMwUgLGxc9KS4-5g3oAQ2r6rMIlMk9N0bcyYmA-glrq7rThs4XWL_24VsJ4axQuI3eKqEsh7a-3FN3gumf93qOkqURHxsVjlrRcSivNuevJimN-MwOu4ID8p8SlNLKElSAwm_AYn6mvlAhU3JtxXcchz9e525kiU7G30OwNTo_IKz6sDew93ulyr8D2kE_81kJXxh7wR8qcHgELtzVjI-a0AxZuOf75L1Uhja3UZkWTRY8ir6AGeSYQWYUMHtKqnJ6xAoJ3R0j1sY7Ym91I7NGl1rL89QWd9V6f23jrl33O5hijCsp0yo6pJ
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3529286
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads.js
presentation-atl1.turn.com/server/ Frame 6858 		6 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://presentation-atl1.turn.com/server/ads.js?code=46585255&aid=53543507&tuid=3847914353920511232&duid=2331523891413183289&uimpd=1Eyc6i4Ny7jBYBoWGG0iDrxzZZE3I57W8U0_CU2LG3Pz8xYYHa6KuPE-MH6UIW-7B3jecPunu4aXl6u97VMPY_QVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiNJW90y_oOHheZLYYgRDt3zew9iWyajTz3LOGypa6pzjaOhTmAWfFu2xzJvZwvAfY7LhzWzy68iLQmf7hXHhlptKGrFSjFsxJjhkQleR4jx0lDAeRkvpnDrUOD3rpQXPjoXwQsSlpxKWOwnR4ICWD6HgrGxaP_tT9YehalINy5d9dPuTnu47lFWyatmcm9RCr12msuZA7bvIE0T1M8ApfDr6xm4B16_GjmtwmNM-e8_2nESssmpB9aMR8gpwmSHXqQ2N7-T3EbgeTFk_ArU8BYQlxAzXpNX-X4enzibMZ7SzE1AuiKhErEulFpA9Y1i2WEmhPuOe-nU99FAsGP7ZMwyC-ICT55qnhaKVX6le4dAieHuUcIpxVYKB8pkd9ZsUHiFzULf9MnjY_4JzKQPoaAqYywW6jiQ2Qu2pe4bTi-kAK3xkcBwAvcxf_v0N14fry1FJ-9FPOf0y2ywm3aOVIgxdeEq4YmDyLNKipXxJLgk9YPhIqX_3Sqt5lz3wjWtuC5VqqqSaRzqXXTTfnUkpZCfbGfCPSMAZOWpPry3ZyGhHxdNKET4CyfoCYPohhtzNNkRjgDILN8VX28pREvZrlqbCqBcnEfB0Fw_yCryqJcyBGOku3x_Tr5XEimD-pkK8iKOobAnCvdPWciHzZtF-fxKz5cdwHqwBj43FH_vVAVkxvVa5TQgRSt7cIgC084bCo_-c3N6tJSLOTPGJM8Foy7ub497PvSCeZdqESmpecKKgTAKeb5zoF5dE4COxUEGHLMW_4n-OGbheo8WFbZXf0kbaCxUmVuRHvXG5JZaHgxT0PzGHEZoE8rx4fPREQSxhmXISPTR6PMiceUDcgfapBvB&acp=1.1203
Requested by
Host: a-iad2.1rx.io
URL: https://a-iad2.1rx.io/rtbdeliver/js?excid=rmpssp&pickup=22721e43d482468e99382d882e9e2d0c&zrk=1c6b8692a5a0980862dd7bdc7a2aa127&imp=01b39df308ff0de05b392b8ad750e32e74&bet=MTY2ODM4MjUxODEwNg&pv=1&prc=ZX0.8830869240697277&zclkredir=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CKJYTJXFxY4uWMoWOvPIPhtik6A3B9rKPXLaXxJmPBcCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBIICT9D5nm66S30_6SUdfi48OewT5Cy3aV6NNFNHsew69WtUFqqx-0oV0cVaAKE8YXsm7Kxio8MeCEmmPAz2DFf_rqz7TgUli0KZ_8f74rCXgREMn4RSxjvt-VOtEcHAVVjvgEfyOesiAYu8z4IvInqvKFG2TjhnV71OHBl5_CrdIHs7TalKX3lcq2Oqth_Jya6gWxxrM4zUBxpb-vMoc9j_u_mA4JaLrYh5jyvfheH5t8lVCGBm0AToGpfvdpPcfk38D3PUsT-XwHC1MZQXkzgPLDq-XJsAFlrl5OOL3Ep1vgC1AZPSOzVZvjE-8HI2sBJ6kDA3ykwZOF6j8n6of4jJk1MY4AQBgAaV6OiE7PO6z5wBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_3hCQd4VpPcSRLiwAlry9hgeJWMtA&client=ca-pub-1062972861553303&adurl=&pg=https%3A%2F%2Faac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html&pgao=https%3A%2F%2Fsimcast.com&refer=https%3A%2F%2Fsimcast.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
49b31e48e24ae38163b8b4749e0e02f56386d7715a84d108553a63b6465a5337

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/javascript;charset=UTF-8
date
Sun, 13 Nov 2022 22:35:18 GMT
cache-control
public, max-age=172800, must-revalidate
content-encoding
gzip
expires
Tue, 15 Nov 2022 22:35:18 GMT
vary
accept-encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usersyncall
sync.1rx.io/ Frame 6858
Redirect Chain
  • https://sync.1rx.io/usersyncall?impinit=1
  • https://sync.1rx.io/usersyncall?rcc=1
16 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.1rx.io/usersyncall?rcc=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
3f1afda1c57ea6cbe9400ae680b5af795a324f08bf8ffe5fa1d08cf7c0653038

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
16550
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:18 GMT
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Content-Type
text/html
Location
https://sync.1rx.io/usersyncall?rcc=1
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
rtbtrkd
a-iad2.1rx.io/ Frame 6858 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-iad2.1rx.io/rtbtrkd?excid=rmpssp&pickup=22721e43d482468e99382d882e9e2d0c&zrk=1c6b8692a5a0980862dd7bdc7a2aa127&imp=01b39df308ff0de05b392b8ad750e32e74&bet=MTY2ODM4MjUxODEwNg&pv=1&asb=0&prc=ZX0.5976353344751613&pg=https%3A%2F%2Faac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html&pgao=https%3A%2F%2Fsimcast.com&refer=https%3A%2F%2Fsimcast.com%2F
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.222 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 13 Nov 2022 22:35:18 GMT
access-control-allow-credentials
true
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B11B 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1389381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDeeOc1Uy52I%2FyLuFeFcyf%2BoYuy9rCEUiq49%2BSgcGRJSLQWxu8gRkqZufzIG7aet1IasgnPVcOyncGjEihuSKtQBw%2Fpgt%2FViyHYbAD1yFoeqeuRnrx9p5QMLuFTWn8AFbluId6LeA30bFHQm9KV%2Fvdz3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
769afad2da95e1de-ORD
expires
Fri, 03 Nov 2023 22:35:18 GMT
animejs.js
static.criteo.net/animejs/ Frame B11B 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 08 Nov 2023 22:35:18 GMT
5ab904e70ba04f04aab36995c6fce95d_futura+book+font.woff
static.criteo.net/design/dt/ Frame B11B 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/5ab904e70ba04f04aab36995c6fce95d_futura+book+font.woff
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0b81ebd295c56386af5d622092d29db6ecb12a7f8dc8be80fe54cbbfa3d3216e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 12 Feb 2018 16:12:56 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5a81bd08-5f2c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 08 Nov 2023 22:35:18 GMT
ads.js
presentation-atl1.turn.com/server/ Frame 6DD4 		6 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://presentation-atl1.turn.com/server/ads.js?code=46604413&aid=53543505&tuid=8372312124404870238&duid=2331523891413183289&uimpd=18v4Uvl_Jjhe_MoyHIHzu1K2JsqqxUj9JEq-r-cCfWCb8xYYHa6KuPE-MH6UIW-7BtE2XnV_3CZwd4tG6GU8bOQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiMp9C8vuEu1kdR8sYCx6d3CibXMU9d0e2zk9C26sx82kW9vD4Nj3XzFEQP6WoRn5MmlfXjULsh3dZReW5bnihtScgFEMJf6VV5iRo8seWnJhbSDSzgtoRY0dbciHBurJ_S5V-f9jBTq2UyXueEKgT4xWcWKkaapWSO_vbYrqig5fPvuJVfohwlXVWzV-xl5DFbut3nujrFmPE76GTHOng75UDmHjGGktfS2NzJKo-9LJhWy7-KxKTH-2ta3BtmfAhKqcsKeqMh6KeI6IgIQkFvUAcolElfh6ehOwtVs2Qqc3FKPNToaD7_Fl6Njjd5PrClqcnhxqib_5HDknsAObCPSXYemlrDel2kbVu_bCbqiVNq9wHnjg7NdbGmDFiCCjrQDxREoWysS3t_3gZeSRKQxINY1pe-xhkfy3Bh4pMKpy4kOY1ubb_ynu51xuTaLSVqjmU9m4Pv7Jh_dl7yTnulZL1iBu4ruyES-G9ygyU1pdPneTA9I3KqIN2q8u4uULK5aQAtLKZsQOuFStsRWI4XKp8c_EVh9pS5-xHbSl6D8zBAFzhO1rP8kjQxYnNPuy0lZOoXTgs3XRBMjplqHqUyJkvFPMvB2Fu2dxUqB1Lbupv_jqVF5CMDHrJ8lfrQsZub4PWEFuCpA-uHdDaGGfiRR2h2GBgpH4bzuwJRJ8TlmHrL0uxlUbnfe53T-VEmn6MITO8p6Dig6eFFR2BHKNcRLbdqg2iIujodDImszKFSOtyqjHX48tj90t1bYM3dWdtWcoQ7NudP6gZvbEP-DSNdqn2qcTWB8tUjvFO7iZO941O5oPIq2H4fax9HZ0bA2yRXTqulq5rx05zEM6xu8oQtdRdyRdpll_7l3YiBUfPnjzg&acp=1.1203
Requested by
Host: a-iad2.1rx.io
URL: https://a-iad2.1rx.io/rtbdeliver/js?excid=rmpssp&pickup=f21d035853bd7efc27b1ff8db6aafd40&zrk=5fb47cb7427c98d8522fc130d7959629&imp=01f434f7069e6503b2d62cd06fa98687be&bet=MTY2ODM4MjUxODAyNQ&pv=1&prc=ZX0.21061714051441727&zclkredir=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CrCRNJXFxY4mWMoWOvPIPhtik6A3B9rKPXLaXxJmPBcCNtwEQASAAYMm2o4jwo-wSggEXY2EtcHViLTEwNjI5NzI4NjE1NTMzMDPIAQngAgCoAwGqBPwBT9AEOgZS1QDmC5vKtxSj6AnTX--R7rsHYeOAun07y9QKaDYuGxiDWDpkhW3YsZBkBzqFFXUV7S9de01pSh3T3tYmPNBS5CX4iGP2PdX1IcM0sdiIfdl5UvUEgodoMUm32DNBdrk583_9lEOW68h_QyycoGZOoEWetVBZLxKsMhLFY7HNP4w6nAuw57_er3o4wsAODo4kK7uIg1zBuPCbUzGIPjXUlXQZdwgXw2zdWUGfPq8gVUgVxMQMZY1T2eX9leXFt8nCW1DBbDY2m7No5r3Iy3ycohBNWUK0OQf7cbzz18VLkaskJSd2nt8quQG4UpH8aQ4WC9N7feMo4AQBgAbJyYeEvaH-9IoBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_1aXpxJWtMlHQqGM2Wt41WFUHct1Q&client=ca-pub-1062972861553303&adurl=&pg=https%3A%2F%2Faac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html&pgao=https%3A%2F%2Fsimcast.com&refer=https%3A%2F%2Fsimcast.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
5b6bf20154e125279e794bb81e9cba88b3adcd8c20d3a34feb1fc15038897fdc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/javascript;charset=UTF-8
date
Sun, 13 Nov 2022 22:35:18 GMT
cache-control
public, max-age=172800, must-revalidate
content-encoding
gzip
expires
Tue, 15 Nov 2022 22:35:18 GMT
vary
accept-encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usersyncall
sync.1rx.io/ Frame 6DD4
Redirect Chain
  • https://sync.1rx.io/usersyncall?impinit=1
  • https://sync.1rx.io/usersyncall?rcc=1
16 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.1rx.io/usersyncall?rcc=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
1ea9a2858b06ac09860162299b7a95f6bf645b3cea87009909d234677b2d6440

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
16549
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Content-Type
text/html
Location
https://sync.1rx.io/usersyncall?rcc=1
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
rtbtrkd
a-iad2.1rx.io/ Frame 6DD4 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-iad2.1rx.io/rtbtrkd?excid=rmpssp&pickup=f21d035853bd7efc27b1ff8db6aafd40&zrk=5fb47cb7427c98d8522fc130d7959629&imp=01f434f7069e6503b2d62cd06fa98687be&bet=MTY2ODM4MjUxODAyNQ&pv=1&asb=0&prc=ZX0.7533649267231162&pg=https%3A%2F%2Faac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html&pgao=https%3A%2F%2Fsimcast.com&refer=https%3A%2F%2Fsimcast.com%2F
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.222 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 13 Nov 2022 22:35:18 GMT
access-control-allow-credentials
true
img
pix.us.criteo.net/img/ Frame B11B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=15175&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F15175%2F200715%2F9852655de7654c5288398ca748637aa8_limelush_core_logo.png&v=3&w=596&s=98ORjrJsbruNjjCJsfohDhsp
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
a973354e9b4d8b7b718615443d6d82ec73c057c6ecc5421fd256e3cc79d61819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30037299
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5064
expires
Fri, 27 Oct 2023 14:16:58 GMT
img
pix.us.criteo.net/img/ Frame B11B 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=15175&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0586%2F7483%2F9702%2Fproducts%2FDesert-Sand-Colorblock-Long-Sleeve-Knit-Sweater-close_09022022.jpg%3Fv%3D1662649318&v=3&w=400&s=oPeKnLrpIbpdtKeGfKfBcRme&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
9c0ed80eb357d3cdc921d9b1b9137d0cab14d1d5295add19091926b643156a60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29800861
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12572
expires
Tue, 24 Oct 2023 20:36:20 GMT
img
pix.us.criteo.net/img/ Frame B11B 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=15175&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0586%2F7483%2F9702%2Fproducts%2FJade-Fuzzy-Open-Sweater-Cardigan-with-Pockets-close_09202022.jpg%3Fv%3D1664386658&v=3&w=400&s=sb4LOyAxqwIBy5gSSF7bZLb7&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
f343745d4f6a50ca10fcab1844a3982c05897df32c72b0a9643bd01da4550e8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28241616
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14022
expires
Fri, 06 Oct 2023 19:28:55 GMT
all
csm.us.criteo.net/ Frame B11B 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=Av_-Cv7IxGoJ1inCMgmkbZSAUyY49AlV0huUhJlqg1K3OVckj-kGHNOtdj8cia1gjtOW0QsRla0mJsMsAoL115_13TH3VbwU_FOZvD9-4HBvCwGPhINgtPcVgnj2tFgb9HQxlWW9ibW12J0hCrsJAboPHH8BQJryVek8Qj5lCZhqhIuY49CjavFLOuYdkLO1RBi-TyE6Duvi62OSK6nRJlSvy00s_bmb543hSSe08DjqL75u7vCumBpcqyrcMGWqGTqNbQ&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B11B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 08 Nov 2023 22:35:18 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame B11B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 08 Nov 2023 22:35:18 GMT
46e37f00c71a4655ada9998fc61d10e9_futurabt-heavy.woff
static.criteo.net/design/dt/ Frame B11B 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/46e37f00c71a4655ada9998fc61d10e9_futurabt-heavy.woff
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b98949b20dd291b4ee937f705c57da64e392047cd4aa0d1e68cc4dfd774c40b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 28 Sep 2018 14:35:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bae3c1f-629c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 08 Nov 2023 22:35:18 GMT
579.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.smc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
74e5172ad789c47a9e42cabb22c734c6a711ddbb51f14fc24a10f28ecc1073b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://simcast.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Nov 2022 22:35:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://simcast.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
view
googleads4.g.doubleclick.net/pcs/ Frame 7CD3 		0
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1e2v3A7Fyvu5FSr-k62cfjVdpg2EUKyIXixsW-LqrsDAJCHswnKQQBUlGUF1_-GVYGa7xtY8BLxZ-tFuqSZQkiLSWWImGDxlinf5o-QHPfDRRAOlslUhUkmn0HKtssHCd6PW30j2BVeE_8L6r1UGApO0&sai=AMfl-YSe3GROmnacmLyymnkkOg0b5M1kQ41-VIWj4f9lPR_DQENpKCRHtcDzmygWq-RtjuNHTTA2SpIO-m7GLDKI9_ZV-Rbqcy1p3YpVcmu5&sig=Cg0ArKJSzA5loqj7EPVTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dc_oe=ChMI-9Ok5pus-wIVHAxoCB2lZgK9EAAYACCy8KtU;met=1;ecn1=1;etm1=0;eid1=11;
ade.googlesyndication.com/ddm/activity/ Frame 7CD3 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-9Ok5pus-wIVHAxoCB2lZgK9EAAYACCy8KtU;met=1;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/enduser/video/ Frame ACFA 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=creativeView&imp=2e9f07bb-6aca-4df9-83b7-bc09b4d18a30&ag=xejceum&crid=2zxxzb3e&cf=3592660&fq=0&t=1&td_s=simcast.com&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=google&uhow=&agsa=&wp=Y3FxJQAJ-isITwSsAArA_6dESMxvBYu3Q9W4kw&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=pub-9505823743978337&rlangs=en&mlang=&did=2147221&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=MAQ4AkgAUARYAYABAIgBApABALABALoBBQi0ARgCyQEzMzMzM7NBQA..&dur=CkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..&durs=bua7fp&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&testid=mkts-4636-disabled&said=FXmf02SyNYzrSrEpd8IOvA%3D%3D&auct=3&cxdur=0-15&cxlvs=0&sfe=15a8f126&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
/
googleads.g.doubleclick.net/pagead/interaction/ Frame ACFA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=ChSBdJXFxY6v0J6yJvPIP_4GrwAW7z9r0XO6Jjs5SwI23ARABIABgybajiPCj7BKCAR1jYS12aWRlby1wdWItOTUwNTgyMzc0Mzk3ODMzN8gBBeACAKgDAZgEAKoEgwJP0NIIBYkw3a04QZB2uF1Cmcf-8TcB0_5Z2znD_74O0W8UWWVZ-Rry58aVI65TWuUSAilKUqufx6-cHizaMgosk_lXwPyXCNR7dGG57AyJLFSg1GR_0fYMxU7xOTfXlv5jOfJuHQXCItfnnyElhP1srzuaR62ecECa9uipjpMgdMrSOg-7lRftJFm5Zol0rm8ri8tZqDL6mTyriUSIqFdRJNkBJvht0OGE01PLHxr7BRdDAqXbHpYAnnkH8e27RogoFHq5wp0QFN4LL2UtXw8sl3_lgNlr2xbJDl4a8RVRXO1HH7JX-AWrQbgcGeqAnKpHJppjtXrwavMPdCq6G02T4lrQ4AQBgAbRw6HYx6i-rqwBoAYqqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAPIHAiAB0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB&sigh=ZE_9QvdXsiE&label=vast_creativeview&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D15000%26vmtime%3D-1%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D1191%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D42438037%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1668378916639%26ptlt%3D1668378918977%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1668378918140&sdkv=h.3.544.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MDY5NzY0NzYwQMwDCmYIARISaW5zaWdodC5hZHNydnIub3JnGg5UaGUgVHJhZGUgRGVzayADKggyenh4emIzZTIIMnp4eHpiM2VAhwFSJQivEBAEJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkjOBlAAYAEYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame ACFA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B79lEJXFxY9_6JayJvPIP_4GrwAXUvPyhRgAAABABING9tz04AVi5v4HKgwRgybajiPCj7BKyAQtzaW1jYXN0LmNvbboBCzQ4MHgyNzBfeG1syAEF2gE8aHR0cHM6Ly9zaW1jYXN0LmNvbS8_ZD10cnl5b3VyZmlyc3QuaWN1JnBjaWQ9ODAyJnJpZD0xNTImYT0wmALQjAHAAgLgAgDqAh0vOTIwNTYyODEvc2ltY2FzdC5jb20tcHJlbWl1bfgC8tEekAPoApgD0AWoAwHgBAHSBQYQmIWlzhaQBgGgBjuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAeAHAfIHAiAB0ggPCIBhEAEYHTICigI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=bT32gft19ic&label=vast_creativeview&acvw=sv%3D941%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D15000%26vmtime%3D-1%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D1191%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D42438037%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1668378916639%26ptlt%3D1668378918977%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1668378918140&sdkv=h.3.544.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MDY5NzY0NzYwQMwDCmYIARISaW5zaWdodC5hZHNydnIub3JnGg5UaGUgVHJhZGUgRGVzayADKggyenh4emIzZTIIMnp4eHpiM2VAhwFSJQivEBAEJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkjOBlAAYAEYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ACFA 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJmsLsX57GuPevqKbrO_a14HrWKyZI-997qyEIGeDeSjUZ5SJjXF5PomgDaSe7Z-JBDKwWNqGuQMvZSfhcASpnRFTiyCi086yUKcBPoFBfqzinpTO-Ka2PnUdpoMULZD5yVgX0l3RL-_nPFJg3_Cr-g3rhG9imX2ZZNXTyzQmt-iXB-F0pAulL-a9hMc_6WSfsOvpMQcdlXPhKg35b6HiH02EUj7WZJKqyA0po8Gy88-PcB6lf5Rlg4nOZZm9R0nuZ8_Qtu0scN-2xhytPimQdKYDy6tckAAbk_J4zpmAR838KWdytJGvCdX1rTd6ewlg3qb6I_yyZVpqe1VHOqcdglBKAMFL3_pHzOUG0YcOPmB4Ivi_GCMh4bS7so0ysC_AsYfdZ6mjPSZRBx5tesYi69LWDxGrYemQ3MerOICKnC4wRvF-dw3l29eWnit-3MQc1ia-pNdDq434NLZjiZkhV4321QUTL3PSbE3cDLY48_tNOdKL0XfC5fwIyry5Sfb20ya4xCdkga_KA7ht_nod6K1kFP5r9v4rzyBR4tVGERi4up6nKXM7FE69MMipQrpEEEyoAplxUAvcnT7OnwzjLPLMk9i6jtu2MaJBoZe4k2RUOuiCvn4oHCXD-LIE6iB4VPTpf3ggI9iPQ_Pk7IJa5SwxRBFJ_CJA5cSDZqn5YtBOf2NbgEGNtTb0SmhowkGagA0ma4l8cMWw2EdYCbzDN3xEFlgj84PYC8xtSeRS2XxzVj8mWMfWvmsHMNLgo7VsR5TKVn_MhWPJbWUDkifKFi7Kwz6Ema1oODg88f5fGaIFTPHeZW6O6JH7pIzN5eLo0BWmGw5WOaq-ApNNcOKjmcOb6E6oeIyjkpudrKCTXbWGSQRTqOEuuuxglXjxov_gm108dVkZqQfm1Wq_Ua_SUrTzNcuXs895vHlPHTFZKftIWzTk6tk-u8uaa2-rDe-rnpkw0ByP-bu6sWnTucXx1JMiSUIGX5d_p5qMdqlQtM4XPS4hszui-IY7PZr_IdVDRKGcPo1aPUEAQXmVlUJFz7mDPxoTXZzJcFcucwW8kHL-dGtgMvMZJRQrsMPnFp5CP8w9vPPqAaS5tHoNsCn5AlH51yItufcfk7Jh4pMAJbD5JlF3nQM2T7g8n2MtZcRoHfd42gzXmyxilQ9vrO-cIXDilKgz3C7iD6cbngky4nQKEDRn3_7sQejUtJPXIMVoVZqn_5ccXiEAm1rh3p0bdjIjP_FGt4d7XztPXkrh1oq87adQGQlFNPcj72udcVIdSWOB-dVDuGPv9-CbxRwchVxzJnA&sai=AMfl-YTosghXusX9oa1TKoIlFC5RsKSw5G-6gUJGJT_Zli6gIavdo4wzfjOXHWRGblINa1kbZcqhQCPP5gZqSgnwZ__f1eJpzj68E3KuXRdq1YYtytsoeABjZcfjrNqQATN01A1sq9ETrsv5SbJ2_OPMVNvtgPGlS6zA1W3j-bpDwGbdCE5qoWI66R4McG8Cr0OIW7uCRL0QBMnS6hoUZz8K9cBRYnT79Lae8K3rAXCIttT5vvH38F0ryiH_y66RerVQbwReCa2EX8mWqmBcGFv6AHZO&sig=Cg0ArKJSzCbVMUV7vSZyEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&sdkv=h.3.544.0&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 13 Nov 2022 22:35:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
google
match.adsrvr.org/track/cmf/ Frame ACFA
Redirect Chain
  • https://vae-bid.adsrvr.org/bid/feedback/google?t=1&iid=2e9f07bb-6aca-4df9-83b7-bc09b4d18a30&crid=2zxxzb3e&wp=Y3FxJQAJ-isITwSsAArA_6dESMxvBYu3Q9W4kw&aid=1&wpc=USD&sfe=15a8f125&puid=CAESEF9SahGOUQ7Rj...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OGEyNTJiOTMtMjhkMy00MGEwLWJmMjQtMTgxMjg0OTg5Nzg3&gdpr=0&gdpr_consent=&ttd_tdid=8a252b93-28d3-40a0-bf24-18128...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=8a252b93-28d3-40a0-bf24-181284989787&google_gid=CAESEF9SahGOUQ7Rj3FmOPjxApw&google_cver=1
70 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=8a252b93-28d3-40a0-bf24-181284989787&google_gid=CAESEF9SahGOUQ7Rj3FmOPjxApw&google_cver=1
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=8a252b93-28d3-40a0-bf24-181284989787&google_gid=CAESEF9SahGOUQ7Rj3FmOPjxApw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
386
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ACFA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0QQJsuq4yxZ2XXUrJfG1Qb14DqQ2DRufEjArkgfYkyzPjBinPSvE1hMR1uXwF0bpLaFXeJ15sygmFNXE092r6gMzu7c3QfKXcLqGvSK4xoDVOUyk-Q47gcQAI2BM-Dci6xC1D68VeFw3gXeNWcrPZwQdvvc9fqvr8udAIpLqBgzf9dB3DQOPGm1uYGZ6HgwtWa_cWfl4dw4bvlymrS1thD8lo0WuQrtaTMRpyNi8SelorqiPI4_CghAMAEKbDkA0YukofEoJjS02ffqBeMVBrHtY2UPUNnyLrW1Pno_YG5AxE0LaHmrudz3p207cOnWoQ3xY0Q3hoQxCycCdFNq4&sig=Cg0ArKJSzLyLPxasj_iBEAE&cid=CAASFeRoU4Ff7WWDrDU89wAyZgR0iKi_jA&id=lidarv&acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1191%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D42438037%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668378916639%26ptlt%3D1668378918987%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.16%26t%3D1668378918140&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/enduser/video/ Frame ACFA 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=start&imp=2e9f07bb-6aca-4df9-83b7-bc09b4d18a30&ag=xejceum&crid=2zxxzb3e&cf=3592660&fq=0&t=1&td_s=simcast.com&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=google&uhow=&agsa=&wp=Y3FxJQAJ-isITwSsAArA_6dESMxvBYu3Q9W4kw&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=pub-9505823743978337&rlangs=en&mlang=&did=2147221&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=MAQ4AkgAUARYAYABAIgBApABALABALoBBQi0ARgCyQEzMzMzM7NBQA..&dur=CkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..&durs=bua7fp&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&testid=mkts-4636-disabled&said=FXmf02SyNYzrSrEpd8IOvA%3D%3D&auct=3&cxdur=0-15&cxlvs=0&sfe=15a8f126&vp=0&ast=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
/
googleads.g.doubleclick.net/pagead/interaction/ Frame ACFA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=ChSBdJXFxY6v0J6yJvPIP_4GrwAW7z9r0XO6Jjs5SwI23ARABIABgybajiPCj7BKCAR1jYS12aWRlby1wdWItOTUwNTgyMzc0Mzk3ODMzN8gBBeACAKgDAZgEAKoEgwJP0NIIBYkw3a04QZB2uF1Cmcf-8TcB0_5Z2znD_74O0W8UWWVZ-Rry58aVI65TWuUSAilKUqufx6-cHizaMgosk_lXwPyXCNR7dGG57AyJLFSg1GR_0fYMxU7xOTfXlv5jOfJuHQXCItfnnyElhP1srzuaR62ecECa9uipjpMgdMrSOg-7lRftJFm5Zol0rm8ri8tZqDL6mTyriUSIqFdRJNkBJvht0OGE01PLHxr7BRdDAqXbHpYAnnkH8e27RogoFHq5wp0QFN4LL2UtXw8sl3_lgNlr2xbJDl4a8RVRXO1HH7JX-AWrQbgcGeqAnKpHJppjtXrwavMPdCq6G02T4lrQ4AQBgAbRw6HYx6i-rqwBoAYqqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAPIHAiAB0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB&sigh=ZE_9QvdXsiE&label=part2viewed&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1191%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D42438037%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668378916639%26ptlt%3D1668378918989%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.16%26t%3D1668378918140&sdkv=h.3.544.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MDY5NzY0NzYwQMwDCmYIARISaW5zaWdodC5hZHNydnIub3JnGg5UaGUgVHJhZGUgRGVzayADKggyenh4emIzZTIIMnp4eHpiM2VAhwFSJQivEBAEJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkjOBlAAYAEYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame ACFA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B79lEJXFxY9_6JayJvPIP_4GrwAXUvPyhRgAAABABING9tz04AVi5v4HKgwRgybajiPCj7BKyAQtzaW1jYXN0LmNvbboBCzQ4MHgyNzBfeG1syAEF2gE8aHR0cHM6Ly9zaW1jYXN0LmNvbS8_ZD10cnl5b3VyZmlyc3QuaWN1JnBjaWQ9ODAyJnJpZD0xNTImYT0wmALQjAHAAgLgAgDqAh0vOTIwNTYyODEvc2ltY2FzdC5jb20tcHJlbWl1bfgC8tEekAPoApgD0AWoAwHgBAHSBQYQmIWlzhaQBgGgBjuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAeAHAfIHAiAB0ggPCIBhEAEYHTICigI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=bT32gft19ic&label=part2viewed&acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1191%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D42438037%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668378916639%26ptlt%3D1668378918989%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.16%26t%3D1668378918140&sdkv=h.3.544.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MDY5NzY0NzYwQMwDCmYIARISaW5zaWdodC5hZHNydnIub3JnGg5UaGUgVHJhZGUgRGVzayADKggyenh4emIzZTIIMnp4eHpiM2VAhwFSJQivEBAEJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkjOBlAAYAEYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=RFsQtCQSgddCEx0z&instance=214970737&version=7.10.1&age=221113&ldt=OPENVV&key=eKVKXbhX&c_id=12018&seq=1&order=7&absoluteTime=3951&relativeTime=2614.3&sm_id=2359689&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=6161&load=1&status=LVFNLNIY&ac_id=2008&percentViewable=1&technique=IntersectionObserver&viewable=true&viewportWidth=1600&viewportHeight=2089&elementWidth=761&elementHeight=428&iframeContext=on%20page&focus=true&type=start&counter=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=RFsQtCQSgddCEx0z&instance=214970737&version=7.10.1&age=221113&ldt=OPENVV&key=eKVKXbhX&c_id=12018&seq=1&order=8&absoluteTime=3952.1&relativeTime=2615.4&sm_id=2359689&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=6161&load=1&status=LVFNLNIY&ac_id=2008&percentViewable=1&technique=IntersectionObserver&viewable=true&viewportWidth=1600&viewportHeight=2089&elementWidth=761&elementHeight=428&iframeContext=on%20page&focus=true&type=change&counter=2
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=RFsQtCQSgddCEx0z&instance=214970737&version=7.10.1&age=221113&ldt=OPENVV&key=eKVKXbhX&c_id=12018&seq=1&order=9&absoluteTime=3953&relativeTime=2616.3&sm_id=2359689&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=6161&load=1&status=LVFNLNIY&ac_id=2008&percentViewable=0&technique=IntersectionObserver&viewable=false&viewportWidth=1600&viewportHeight=2089&elementWidth=-1&elementHeight=-1&iframeContext=on%20page&focus=true&type=change&counter=3
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=RFsQtCQSgddCEx0z&instance=214970737&version=7.10.1&age=221113&ldt=AD_IMP&key=eKVKXbhX&seq=1&order=10&absoluteTime=3957.8&relativeTime=2621.1&sm_id=2359689&visiblestatecd=I&soundcd=OFF&adX=true&lineItem=6069764760&adSystem=AdSense/AdX&firstLineItem=6069764760&firstAdSystem=AdSense/AdX&lineItemsGDFP=&adIndex=0&advertiser=&cid=12018&pposition=home&adServer=gam&iu=/92056281,22632072816/simcast.com-premium&logAssertiveYield=false&rand=6&rmt=ns
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
p2
sb.scorecardresearch.com/ Frame 4DC8
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1668378916696&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1668378916696&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&n...
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1668378916696&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=15000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=mid-roll&ns_st_ci=2359689&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1668378919005&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2309&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=NBA&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&c8=&c9=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Server
108.138.106.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-43.jfk50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
via
1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
content-length
43
x-amz-cf-id
4d8fVvpE7HDUFy0S-9wgZeWc3EeorMDULeeckWqgMur6R8SfSFdeOA==
x-cache
Miss from cloudfront
content-type
image/gif

Redirect headers

location
/p2?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1668378916696&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=15000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=mid-roll&ns_st_ci=2359689&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1668378919005&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2309&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=NBA&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&c8=&c9=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0
date
Sun, 13 Nov 2022 22:35:19 GMT
via
1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
content-length
0
x-amz-cf-id
Y7nN65bI5WDdptkTOic-BuZGNQvH_ev3VMisyZNzMS8Hd9wZVKZG-Q==
x-cache
Miss from cloudfront
blacklist_script.js
tagan.adlightning.com/amobee/ Frame 6DD4 		26 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/amobee/blacklist_script.js
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/ads.js?code=46604413&aid=53543505&tuid=8372312124404870238&duid=2331523891413183289&uimpd=18v4Uvl_Jjhe_MoyHIHzu1K2JsqqxUj9JEq-r-cCfWCb8xYYHa6KuPE-MH6UIW-7BtE2XnV_3CZwd4tG6GU8bOQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiMp9C8vuEu1kdR8sYCx6d3CibXMU9d0e2zk9C26sx82kW9vD4Nj3XzFEQP6WoRn5MmlfXjULsh3dZReW5bnihtScgFEMJf6VV5iRo8seWnJhbSDSzgtoRY0dbciHBurJ_S5V-f9jBTq2UyXueEKgT4xWcWKkaapWSO_vbYrqig5fPvuJVfohwlXVWzV-xl5DFbut3nujrFmPE76GTHOng75UDmHjGGktfS2NzJKo-9LJhWy7-KxKTH-2ta3BtmfAhKqcsKeqMh6KeI6IgIQkFvUAcolElfh6ehOwtVs2Qqc3FKPNToaD7_Fl6Njjd5PrClqcnhxqib_5HDknsAObCPSXYemlrDel2kbVu_bCbqiVNq9wHnjg7NdbGmDFiCCjrQDxREoWysS3t_3gZeSRKQxINY1pe-xhkfy3Bh4pMKpy4kOY1ubb_ynu51xuTaLSVqjmU9m4Pv7Jh_dl7yTnulZL1iBu4ruyES-G9ygyU1pdPneTA9I3KqIN2q8u4uULK5aQAtLKZsQOuFStsRWI4XKp8c_EVh9pS5-xHbSl6D8zBAFzhO1rP8kjQxYnNPuy0lZOoXTgs3XRBMjplqHqUyJkvFPMvB2Fu2dxUqB1Lbupv_jqVF5CMDHrJ8lfrQsZub4PWEFuCpA-uHdDaGGfiRR2h2GBgpH4bzuwJRJ8TlmHrL0uxlUbnfe53T-VEmn6MITO8p6Dig6eFFR2BHKNcRLbdqg2iIujodDImszKFSOtyqjHX48tj90t1bYM3dWdtWcoQ7NudP6gZvbEP-DSNdqn2qcTWB8tUjvFO7iZO941O5oPIq2H4fax9HZ0bA2yRXTqulq5rx05zEM6xu8oQtdRdyRdpll_7l3YiBUfPnjzg&acp=1.1203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54d708aba01131b28d5b20a2255730f941d391f2a3d33a809be045067167b89a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
RNK4FL9Xx9hewHkGNV7M8yI4W_d.63oX
content-encoding
gzip
via
1.1 6886c621d4716e156349149ba8d65b40.cloudfront.net (CloudFront)
date
Sun, 13 Nov 2022 22:09:35 GMT
x-amz-cf-pop
EWR53-C3
age
1545
x-cache
Hit from cloudfront
content-length
11763
x-amz-meta-git_commit
ec62c49
last-modified
Sun, 13 Nov 2022 19:09:31 GMT
server
AmazonS3
etag
"16eb3bc0a1aa978ff116acdb4249b8c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
gUPet8GfOvlI6RCDK1hY8xDN9aZX1Hgah6fI8AZeaSKWtkQj4JSUbw==
blocking_script.js
tagan.adlightning.com/amobee/ Frame 6DD4 		88 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/amobee/blocking_script.js
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/ads.js?code=46604413&aid=53543505&tuid=8372312124404870238&duid=2331523891413183289&uimpd=18v4Uvl_Jjhe_MoyHIHzu1K2JsqqxUj9JEq-r-cCfWCb8xYYHa6KuPE-MH6UIW-7BtE2XnV_3CZwd4tG6GU8bOQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiMp9C8vuEu1kdR8sYCx6d3CibXMU9d0e2zk9C26sx82kW9vD4Nj3XzFEQP6WoRn5MmlfXjULsh3dZReW5bnihtScgFEMJf6VV5iRo8seWnJhbSDSzgtoRY0dbciHBurJ_S5V-f9jBTq2UyXueEKgT4xWcWKkaapWSO_vbYrqig5fPvuJVfohwlXVWzV-xl5DFbut3nujrFmPE76GTHOng75UDmHjGGktfS2NzJKo-9LJhWy7-KxKTH-2ta3BtmfAhKqcsKeqMh6KeI6IgIQkFvUAcolElfh6ehOwtVs2Qqc3FKPNToaD7_Fl6Njjd5PrClqcnhxqib_5HDknsAObCPSXYemlrDel2kbVu_bCbqiVNq9wHnjg7NdbGmDFiCCjrQDxREoWysS3t_3gZeSRKQxINY1pe-xhkfy3Bh4pMKpy4kOY1ubb_ynu51xuTaLSVqjmU9m4Pv7Jh_dl7yTnulZL1iBu4ruyES-G9ygyU1pdPneTA9I3KqIN2q8u4uULK5aQAtLKZsQOuFStsRWI4XKp8c_EVh9pS5-xHbSl6D8zBAFzhO1rP8kjQxYnNPuy0lZOoXTgs3XRBMjplqHqUyJkvFPMvB2Fu2dxUqB1Lbupv_jqVF5CMDHrJ8lfrQsZub4PWEFuCpA-uHdDaGGfiRR2h2GBgpH4bzuwJRJ8TlmHrL0uxlUbnfe53T-VEmn6MITO8p6Dig6eFFR2BHKNcRLbdqg2iIujodDImszKFSOtyqjHX48tj90t1bYM3dWdtWcoQ7NudP6gZvbEP-DSNdqn2qcTWB8tUjvFO7iZO941O5oPIq2H4fax9HZ0bA2yRXTqulq5rx05zEM6xu8oQtdRdyRdpll_7l3YiBUfPnjzg&acp=1.1203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
949be03475cd52707c957212a6201a1cfb5d9c05cc662971090ab61bd0be6683

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
KAA.Id8C2X_jrCGOtUOP9pw9bkOJAX.J
content-encoding
gzip
via
1.1 6886c621d4716e156349149ba8d65b40.cloudfront.net (CloudFront)
date
Sun, 13 Nov 2022 21:51:22 GMT
x-amz-cf-pop
EWR53-C3
age
2638
x-cache
Hit from cloudfront
content-length
33110
x-amz-meta-git_commit
8db6969
last-modified
Mon, 31 Oct 2022 19:50:46 GMT
server
AmazonS3
etag
"517165b037726fd238ea46ab48da3663"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
n01FBQ-QRvsLXLBB_Hbdov1QKM9QCWo_jnLT7WCKd3zuwhmbPMQHnw==
pictures_1_2022_POSS_Retargeting_PurchasePromotion_MoreBar_MealBar_Amobee_Get10Off_Display_Static_ShopNow_300x250.jpg
img.turncdn.com/img-data/ Frame 6DD4 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.turncdn.com/img-data/pictures_1_2022_POSS_Retargeting_PurchasePromotion_MoreBar_MealBar_Amobee_Get10Off_Display_Static_ShopNow_300x250.jpg
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/ads.js?code=46604413&aid=53543505&tuid=8372312124404870238&duid=2331523891413183289&uimpd=18v4Uvl_Jjhe_MoyHIHzu1K2JsqqxUj9JEq-r-cCfWCb8xYYHa6KuPE-MH6UIW-7BtE2XnV_3CZwd4tG6GU8bOQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiMp9C8vuEu1kdR8sYCx6d3CibXMU9d0e2zk9C26sx82kW9vD4Nj3XzFEQP6WoRn5MmlfXjULsh3dZReW5bnihtScgFEMJf6VV5iRo8seWnJhbSDSzgtoRY0dbciHBurJ_S5V-f9jBTq2UyXueEKgT4xWcWKkaapWSO_vbYrqig5fPvuJVfohwlXVWzV-xl5DFbut3nujrFmPE76GTHOng75UDmHjGGktfS2NzJKo-9LJhWy7-KxKTH-2ta3BtmfAhKqcsKeqMh6KeI6IgIQkFvUAcolElfh6ehOwtVs2Qqc3FKPNToaD7_Fl6Njjd5PrClqcnhxqib_5HDknsAObCPSXYemlrDel2kbVu_bCbqiVNq9wHnjg7NdbGmDFiCCjrQDxREoWysS3t_3gZeSRKQxINY1pe-xhkfy3Bh4pMKpy4kOY1ubb_ynu51xuTaLSVqjmU9m4Pv7Jh_dl7yTnulZL1iBu4ruyES-G9ygyU1pdPneTA9I3KqIN2q8u4uULK5aQAtLKZsQOuFStsRWI4XKp8c_EVh9pS5-xHbSl6D8zBAFzhO1rP8kjQxYnNPuy0lZOoXTgs3XRBMjplqHqUyJkvFPMvB2Fu2dxUqB1Lbupv_jqVF5CMDHrJ8lfrQsZub4PWEFuCpA-uHdDaGGfiRR2h2GBgpH4bzuwJRJ8TlmHrL0uxlUbnfe53T-VEmn6MITO8p6Dig6eFFR2BHKNcRLbdqg2iIujodDImszKFSOtyqjHX48tj90t1bYM3dWdtWcoQ7NudP6gZvbEP-DSNdqn2qcTWB8tUjvFO7iZO941O5oPIq2H4fax9HZ0bA2yRXTqulq5rx05zEM6xu8oQtdRdyRdpll_7l3YiBUfPnjzg&acp=1.1203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.87.165.153 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-165-153.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a30067e1e8834c985269d61eb62bdb784c19fe989f651c1307f9935f7a4c47d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Last-Modified
Tue, 27 Sep 2022 08:43:41 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
W/"29384-1664268221000"
Content-Length
29384
Content-Type
image/jpeg
B28556545.346949565;dc_pre=COb1zeabrPsCFQIFaAgdH3cHkQ;dc_trk_aid=538543975;dc_trk_cid=178403173;ord=2896496827964140638;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdp...
ad.doubleclick.net/ddm/trackimpj/N510001.282766AMOBEE22/ Frame 6DD4
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpj/N510001.282766AMOBEE22/B28556545.346949565;dc_trk_aid=538543975;dc_trk_cid=178403173;ord=2896496827964140638;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimpj/N510001.282766AMOBEE22/B28556545.346949565;dc_pre=COb1zeabrPsCFQIFaAgdH3cHkQ;dc_trk_aid=538543975;dc_trk_cid=178403173;ord=2896496827964140638;dc_lat=;dc_rd...
15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimpj/N510001.282766AMOBEE22/B28556545.346949565;dc_pre=COb1zeabrPsCFQIFaAgdH3cHkQ;dc_trk_aid=538543975;dc_trk_cid=178403173;ord=2896496827964140638;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
9b20b04c905f4293fa04a1f7d9f8ea119c7e173717dce8e93b776f39e1d4c291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11431
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimpj/N510001.282766AMOBEE22/B28556545.346949565;dc_pre=COb1zeabrPsCFQIFaAgdH3cHkQ;dc_trk_aid=538543975;dc_trk_cid=178403173;ord=2896496827964140638;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca
choices.truste.com/ Frame 6DD4 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=turn01&aid=turn01&cid=1608812128&c=2896496827964140638&w=300&h=250&js=turn0&admarker=dynamic&uid=8372312124404870238
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/ads.js?code=46604413&aid=53543505&tuid=8372312124404870238&duid=2331523891413183289&uimpd=18v4Uvl_Jjhe_MoyHIHzu1K2JsqqxUj9JEq-r-cCfWCb8xYYHa6KuPE-MH6UIW-7BtE2XnV_3CZwd4tG6GU8bOQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiMp9C8vuEu1kdR8sYCx6d3CibXMU9d0e2zk9C26sx82kW9vD4Nj3XzFEQP6WoRn5MmlfXjULsh3dZReW5bnihtScgFEMJf6VV5iRo8seWnJhbSDSzgtoRY0dbciHBurJ_S5V-f9jBTq2UyXueEKgT4xWcWKkaapWSO_vbYrqig5fPvuJVfohwlXVWzV-xl5DFbut3nujrFmPE76GTHOng75UDmHjGGktfS2NzJKo-9LJhWy7-KxKTH-2ta3BtmfAhKqcsKeqMh6KeI6IgIQkFvUAcolElfh6ehOwtVs2Qqc3FKPNToaD7_Fl6Njjd5PrClqcnhxqib_5HDknsAObCPSXYemlrDel2kbVu_bCbqiVNq9wHnjg7NdbGmDFiCCjrQDxREoWysS3t_3gZeSRKQxINY1pe-xhkfy3Bh4pMKpy4kOY1ubb_ynu51xuTaLSVqjmU9m4Pv7Jh_dl7yTnulZL1iBu4ruyES-G9ygyU1pdPneTA9I3KqIN2q8u4uULK5aQAtLKZsQOuFStsRWI4XKp8c_EVh9pS5-xHbSl6D8zBAFzhO1rP8kjQxYnNPuy0lZOoXTgs3XRBMjplqHqUyJkvFPMvB2Fu2dxUqB1Lbupv_jqVF5CMDHrJ8lfrQsZub4PWEFuCpA-uHdDaGGfiRR2h2GBgpH4bzuwJRJ8TlmHrL0uxlUbnfe53T-VEmn6MITO8p6Dig6eFFR2BHKNcRLbdqg2iIujodDImszKFSOtyqjHX48tj90t1bYM3dWdtWcoQ7NudP6gZvbEP-DSNdqn2qcTWB8tUjvFO7iZO941O5oPIq2H4fax9HZ0bA2yRXTqulq5rx05zEM6xu8oQtdRdyRdpll_7l3YiBUfPnjzg&acp=1.1203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-46.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
91d2ff8cd183add13f7bc094471b6c8e25f11c7996a74b239f87dae48524d80e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 59d9797319b555b25abd21e200e6e428.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
EWR52-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
4j2dKzFHsvl00gwVORDmuYfIer_RqGJQupXhBxUQ4TshH-75nsQTPQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 6DD4 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=499512&cmp=3352560&sid=turn&plc=33525601&advid=2661345&adsrv=21&btreg=&btadsrv=&dvtagver=6.1.src&DVP_TF_TT=1&DVP_TF_CT=1&DVPX_TF_IP=$!{BID_TIME_USER_IP}&DVPX_TF_IP6=2602:ffc8:1::&DVPX_TF_IP6_IMP=2602:ffc8:1:1::7&DVPX_TF_IMP_ID=2896496827964140638&DVP_TF_ADV_ID=1608812128&DVP_TF_IO_ID=1608836080&DVP_TF_LI_ID=1608856406&DVP_TF_INV_SRC_ID=158&DVP_TF_PUB_ID=1223411471&turl=https%3A%2F%2Fsimcast.com&DVPX_TF_UA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F107.0.5304.110+Safari%2F537.36&DVPX_TF_BID_TS=1668378917993&DVP_TF_BUNDLE_ID=&DVPX_TF_UID=8372312124404870238&DVP_TF_ENV=DESKTOP_WEB
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/ads.js?code=46604413&aid=53543505&tuid=8372312124404870238&duid=2331523891413183289&uimpd=18v4Uvl_Jjhe_MoyHIHzu1K2JsqqxUj9JEq-r-cCfWCb8xYYHa6KuPE-MH6UIW-7BtE2XnV_3CZwd4tG6GU8bOQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiMp9C8vuEu1kdR8sYCx6d3CibXMU9d0e2zk9C26sx82kW9vD4Nj3XzFEQP6WoRn5MmlfXjULsh3dZReW5bnihtScgFEMJf6VV5iRo8seWnJhbSDSzgtoRY0dbciHBurJ_S5V-f9jBTq2UyXueEKgT4xWcWKkaapWSO_vbYrqig5fPvuJVfohwlXVWzV-xl5DFbut3nujrFmPE76GTHOng75UDmHjGGktfS2NzJKo-9LJhWy7-KxKTH-2ta3BtmfAhKqcsKeqMh6KeI6IgIQkFvUAcolElfh6ehOwtVs2Qqc3FKPNToaD7_Fl6Njjd5PrClqcnhxqib_5HDknsAObCPSXYemlrDel2kbVu_bCbqiVNq9wHnjg7NdbGmDFiCCjrQDxREoWysS3t_3gZeSRKQxINY1pe-xhkfy3Bh4pMKpy4kOY1ubb_ynu51xuTaLSVqjmU9m4Pv7Jh_dl7yTnulZL1iBu4ruyES-G9ygyU1pdPneTA9I3KqIN2q8u4uULK5aQAtLKZsQOuFStsRWI4XKp8c_EVh9pS5-xHbSl6D8zBAFzhO1rP8kjQxYnNPuy0lZOoXTgs3XRBMjplqHqUyJkvFPMvB2Fu2dxUqB1Lbupv_jqVF5CMDHrJ8lfrQsZub4PWEFuCpA-uHdDaGGfiRR2h2GBgpH4bzuwJRJ8TlmHrL0uxlUbnfe53T-VEmn6MITO8p6Dig6eFFR2BHKNcRLbdqg2iIujodDImszKFSOtyqjHX48tj90t1bYM3dWdtWcoQ7NudP6gZvbEP-DSNdqn2qcTWB8tUjvFO7iZO941O5oPIq2H4fax9HZ0bA2yRXTqulq5rx05zEM6xu8oQtdRdyRdpll_7l3YiBUfPnjzg&acp=1.1203
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:3f::1731:fbda Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Nov 2022 10:32:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0fff8d26f4d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
blacklist_script.js
tagan.adlightning.com/amobee/ Frame 6858 		26 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/amobee/blacklist_script.js
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/ads.js?code=46585255&aid=53543507&tuid=3847914353920511232&duid=2331523891413183289&uimpd=1Eyc6i4Ny7jBYBoWGG0iDrxzZZE3I57W8U0_CU2LG3Pz8xYYHa6KuPE-MH6UIW-7B3jecPunu4aXl6u97VMPY_QVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiNJW90y_oOHheZLYYgRDt3zew9iWyajTz3LOGypa6pzjaOhTmAWfFu2xzJvZwvAfY7LhzWzy68iLQmf7hXHhlptKGrFSjFsxJjhkQleR4jx0lDAeRkvpnDrUOD3rpQXPjoXwQsSlpxKWOwnR4ICWD6HgrGxaP_tT9YehalINy5d9dPuTnu47lFWyatmcm9RCr12msuZA7bvIE0T1M8ApfDr6xm4B16_GjmtwmNM-e8_2nESssmpB9aMR8gpwmSHXqQ2N7-T3EbgeTFk_ArU8BYQlxAzXpNX-X4enzibMZ7SzE1AuiKhErEulFpA9Y1i2WEmhPuOe-nU99FAsGP7ZMwyC-ICT55qnhaKVX6le4dAieHuUcIpxVYKB8pkd9ZsUHiFzULf9MnjY_4JzKQPoaAqYywW6jiQ2Qu2pe4bTi-kAK3xkcBwAvcxf_v0N14fry1FJ-9FPOf0y2ywm3aOVIgxdeEq4YmDyLNKipXxJLgk9YPhIqX_3Sqt5lz3wjWtuC5VqqqSaRzqXXTTfnUkpZCfbGfCPSMAZOWpPry3ZyGhHxdNKET4CyfoCYPohhtzNNkRjgDILN8VX28pREvZrlqbCqBcnEfB0Fw_yCryqJcyBGOku3x_Tr5XEimD-pkK8iKOobAnCvdPWciHzZtF-fxKz5cdwHqwBj43FH_vVAVkxvVa5TQgRSt7cIgC084bCo_-c3N6tJSLOTPGJM8Foy7ub497PvSCeZdqESmpecKKgTAKeb5zoF5dE4COxUEGHLMW_4n-OGbheo8WFbZXf0kbaCxUmVuRHvXG5JZaHgxT0PzGHEZoE8rx4fPREQSxhmXISPTR6PMiceUDcgfapBvB&acp=1.1203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54d708aba01131b28d5b20a2255730f941d391f2a3d33a809be045067167b89a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
RNK4FL9Xx9hewHkGNV7M8yI4W_d.63oX
content-encoding
gzip
via
1.1 6886c621d4716e156349149ba8d65b40.cloudfront.net (CloudFront)
date
Sun, 13 Nov 2022 22:09:35 GMT
x-amz-cf-pop
EWR53-C3
age
1545
x-cache
Hit from cloudfront
content-length
11763
x-amz-meta-git_commit
ec62c49
last-modified
Sun, 13 Nov 2022 19:09:31 GMT
server
AmazonS3
etag
"16eb3bc0a1aa978ff116acdb4249b8c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
muBLLTHv-LF-MQ71l43Fp3UoPoG-jYuh3vlY-6ZRFR-MJuhOjPPSXw==
blocking_script.js
tagan.adlightning.com/amobee/ Frame 6858 		88 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/amobee/blocking_script.js
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/ads.js?code=46585255&aid=53543507&tuid=3847914353920511232&duid=2331523891413183289&uimpd=1Eyc6i4Ny7jBYBoWGG0iDrxzZZE3I57W8U0_CU2LG3Pz8xYYHa6KuPE-MH6UIW-7B3jecPunu4aXl6u97VMPY_QVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiNJW90y_oOHheZLYYgRDt3zew9iWyajTz3LOGypa6pzjaOhTmAWfFu2xzJvZwvAfY7LhzWzy68iLQmf7hXHhlptKGrFSjFsxJjhkQleR4jx0lDAeRkvpnDrUOD3rpQXPjoXwQsSlpxKWOwnR4ICWD6HgrGxaP_tT9YehalINy5d9dPuTnu47lFWyatmcm9RCr12msuZA7bvIE0T1M8ApfDr6xm4B16_GjmtwmNM-e8_2nESssmpB9aMR8gpwmSHXqQ2N7-T3EbgeTFk_ArU8BYQlxAzXpNX-X4enzibMZ7SzE1AuiKhErEulFpA9Y1i2WEmhPuOe-nU99FAsGP7ZMwyC-ICT55qnhaKVX6le4dAieHuUcIpxVYKB8pkd9ZsUHiFzULf9MnjY_4JzKQPoaAqYywW6jiQ2Qu2pe4bTi-kAK3xkcBwAvcxf_v0N14fry1FJ-9FPOf0y2ywm3aOVIgxdeEq4YmDyLNKipXxJLgk9YPhIqX_3Sqt5lz3wjWtuC5VqqqSaRzqXXTTfnUkpZCfbGfCPSMAZOWpPry3ZyGhHxdNKET4CyfoCYPohhtzNNkRjgDILN8VX28pREvZrlqbCqBcnEfB0Fw_yCryqJcyBGOku3x_Tr5XEimD-pkK8iKOobAnCvdPWciHzZtF-fxKz5cdwHqwBj43FH_vVAVkxvVa5TQgRSt7cIgC084bCo_-c3N6tJSLOTPGJM8Foy7ub497PvSCeZdqESmpecKKgTAKeb5zoF5dE4COxUEGHLMW_4n-OGbheo8WFbZXf0kbaCxUmVuRHvXG5JZaHgxT0PzGHEZoE8rx4fPREQSxhmXISPTR6PMiceUDcgfapBvB&acp=1.1203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
949be03475cd52707c957212a6201a1cfb5d9c05cc662971090ab61bd0be6683

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
KAA.Id8C2X_jrCGOtUOP9pw9bkOJAX.J
content-encoding
gzip
via
1.1 6886c621d4716e156349149ba8d65b40.cloudfront.net (CloudFront)
date
Sun, 13 Nov 2022 21:51:22 GMT
x-amz-cf-pop
EWR53-C3
age
2638
x-cache
Hit from cloudfront
content-length
33110
x-amz-meta-git_commit
8db6969
last-modified
Mon, 31 Oct 2022 19:50:46 GMT
server
AmazonS3
etag
"517165b037726fd238ea46ab48da3663"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Ccc7szhKZPfpV9muohhalqd9-WO3zRyitdqnJdjTKjb_HR2HTC9ChQ==
pictures_1_2022_POSS_Retargeting_PurchasePromotion_GreensAllIn_Greens_Amobee_SubSave20_Display_Static_ShopNow_728x90.jpg
img.turncdn.com/img-data/ Frame 6858 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.turncdn.com/img-data/pictures_1_2022_POSS_Retargeting_PurchasePromotion_GreensAllIn_Greens_Amobee_SubSave20_Display_Static_ShopNow_728x90.jpg
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/ads.js?code=46585255&aid=53543507&tuid=3847914353920511232&duid=2331523891413183289&uimpd=1Eyc6i4Ny7jBYBoWGG0iDrxzZZE3I57W8U0_CU2LG3Pz8xYYHa6KuPE-MH6UIW-7B3jecPunu4aXl6u97VMPY_QVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiNJW90y_oOHheZLYYgRDt3zew9iWyajTz3LOGypa6pzjaOhTmAWfFu2xzJvZwvAfY7LhzWzy68iLQmf7hXHhlptKGrFSjFsxJjhkQleR4jx0lDAeRkvpnDrUOD3rpQXPjoXwQsSlpxKWOwnR4ICWD6HgrGxaP_tT9YehalINy5d9dPuTnu47lFWyatmcm9RCr12msuZA7bvIE0T1M8ApfDr6xm4B16_GjmtwmNM-e8_2nESssmpB9aMR8gpwmSHXqQ2N7-T3EbgeTFk_ArU8BYQlxAzXpNX-X4enzibMZ7SzE1AuiKhErEulFpA9Y1i2WEmhPuOe-nU99FAsGP7ZMwyC-ICT55qnhaKVX6le4dAieHuUcIpxVYKB8pkd9ZsUHiFzULf9MnjY_4JzKQPoaAqYywW6jiQ2Qu2pe4bTi-kAK3xkcBwAvcxf_v0N14fry1FJ-9FPOf0y2ywm3aOVIgxdeEq4YmDyLNKipXxJLgk9YPhIqX_3Sqt5lz3wjWtuC5VqqqSaRzqXXTTfnUkpZCfbGfCPSMAZOWpPry3ZyGhHxdNKET4CyfoCYPohhtzNNkRjgDILN8VX28pREvZrlqbCqBcnEfB0Fw_yCryqJcyBGOku3x_Tr5XEimD-pkK8iKOobAnCvdPWciHzZtF-fxKz5cdwHqwBj43FH_vVAVkxvVa5TQgRSt7cIgC084bCo_-c3N6tJSLOTPGJM8Foy7ub497PvSCeZdqESmpecKKgTAKeb5zoF5dE4COxUEGHLMW_4n-OGbheo8WFbZXf0kbaCxUmVuRHvXG5JZaHgxT0PzGHEZoE8rx4fPREQSxhmXISPTR6PMiceUDcgfapBvB&acp=1.1203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.87.165.153 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-165-153.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4ca4781e41894e6a1e08474d08ad435a1f40557af00fc3db51ee788d29a1f071

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Last-Modified
Tue, 27 Sep 2022 08:43:41 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
W/"25730-1664268221000"
Content-Length
25730
Content-Type
image/jpeg
B28556545.346949583;dc_pre=CN3wzeabrPsCFTEEaAgdyJcFvQ;dc_trk_aid=538543981;dc_trk_cid=178403173;ord=3545328753956556032;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdp...
ad.doubleclick.net/ddm/trackimpj/N510001.282766AMOBEE22/ Frame 6858
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpj/N510001.282766AMOBEE22/B28556545.346949583;dc_trk_aid=538543981;dc_trk_cid=178403173;ord=3545328753956556032;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimpj/N510001.282766AMOBEE22/B28556545.346949583;dc_pre=CN3wzeabrPsCFTEEaAgdyJcFvQ;dc_trk_aid=538543981;dc_trk_cid=178403173;ord=3545328753956556032;dc_lat=;dc_rd...
15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimpj/N510001.282766AMOBEE22/B28556545.346949583;dc_pre=CN3wzeabrPsCFTEEaAgdyJcFvQ;dc_trk_aid=538543981;dc_trk_cid=178403173;ord=3545328753956556032;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
98030f175cb41f733bc7f0c3317b9f221e6e09c7bc0e7350311f4101019e0935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11471
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimpj/N510001.282766AMOBEE22/B28556545.346949583;dc_pre=CN3wzeabrPsCFTEEaAgdyJcFvQ;dc_trk_aid=538543981;dc_trk_cid=178403173;ord=3545328753956556032;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca
choices.truste.com/ Frame 6858 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=turn01&aid=turn01&cid=1608812128&c=3545328753956556032&w=728&h=90&js=turn0&admarker=dynamic&uid=3847914353920511232
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/ads.js?code=46585255&aid=53543507&tuid=3847914353920511232&duid=2331523891413183289&uimpd=1Eyc6i4Ny7jBYBoWGG0iDrxzZZE3I57W8U0_CU2LG3Pz8xYYHa6KuPE-MH6UIW-7B3jecPunu4aXl6u97VMPY_QVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiNJW90y_oOHheZLYYgRDt3zew9iWyajTz3LOGypa6pzjaOhTmAWfFu2xzJvZwvAfY7LhzWzy68iLQmf7hXHhlptKGrFSjFsxJjhkQleR4jx0lDAeRkvpnDrUOD3rpQXPjoXwQsSlpxKWOwnR4ICWD6HgrGxaP_tT9YehalINy5d9dPuTnu47lFWyatmcm9RCr12msuZA7bvIE0T1M8ApfDr6xm4B16_GjmtwmNM-e8_2nESssmpB9aMR8gpwmSHXqQ2N7-T3EbgeTFk_ArU8BYQlxAzXpNX-X4enzibMZ7SzE1AuiKhErEulFpA9Y1i2WEmhPuOe-nU99FAsGP7ZMwyC-ICT55qnhaKVX6le4dAieHuUcIpxVYKB8pkd9ZsUHiFzULf9MnjY_4JzKQPoaAqYywW6jiQ2Qu2pe4bTi-kAK3xkcBwAvcxf_v0N14fry1FJ-9FPOf0y2ywm3aOVIgxdeEq4YmDyLNKipXxJLgk9YPhIqX_3Sqt5lz3wjWtuC5VqqqSaRzqXXTTfnUkpZCfbGfCPSMAZOWpPry3ZyGhHxdNKET4CyfoCYPohhtzNNkRjgDILN8VX28pREvZrlqbCqBcnEfB0Fw_yCryqJcyBGOku3x_Tr5XEimD-pkK8iKOobAnCvdPWciHzZtF-fxKz5cdwHqwBj43FH_vVAVkxvVa5TQgRSt7cIgC084bCo_-c3N6tJSLOTPGJM8Foy7ub497PvSCeZdqESmpecKKgTAKeb5zoF5dE4COxUEGHLMW_4n-OGbheo8WFbZXf0kbaCxUmVuRHvXG5JZaHgxT0PzGHEZoE8rx4fPREQSxhmXISPTR6PMiceUDcgfapBvB&acp=1.1203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-46.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
dc15b783b425ce87900c4c31cfcf9fe6c096d1a0634208d99024c40064d31b14
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 59d9797319b555b25abd21e200e6e428.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
EWR52-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
XOCIF_UH1MY3AsYZgVLP-e138vE3N-lAe-MHIx0dLJXWFiNUs6Oj0A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 6858 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=499512&cmp=3352560&sid=turn&plc=33525601&advid=2661345&adsrv=21&btreg=&btadsrv=&dvtagver=6.1.src&DVP_TF_TT=1&DVP_TF_CT=1&DVPX_TF_IP=$!{BID_TIME_USER_IP}&DVPX_TF_IP6=2602:ffc8:1::&DVPX_TF_IP6_IMP=2602:ffc8:1:1::7&DVPX_TF_IMP_ID=3545328753956556032&DVP_TF_ADV_ID=1608812128&DVP_TF_IO_ID=1608836080&DVP_TF_LI_ID=1608856406&DVP_TF_INV_SRC_ID=158&DVP_TF_PUB_ID=1223411471&turl=https%3A%2F%2Fsimcast.com&DVPX_TF_UA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F107.0.5304.110+Safari%2F537.36&DVPX_TF_BID_TS=1668378918085&DVP_TF_BUNDLE_ID=&DVPX_TF_UID=3847914353920511232&DVP_TF_ENV=DESKTOP_WEB
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/ads.js?code=46585255&aid=53543507&tuid=3847914353920511232&duid=2331523891413183289&uimpd=1Eyc6i4Ny7jBYBoWGG0iDrxzZZE3I57W8U0_CU2LG3Pz8xYYHa6KuPE-MH6UIW-7B3jecPunu4aXl6u97VMPY_QVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiNJW90y_oOHheZLYYgRDt3zew9iWyajTz3LOGypa6pzjaOhTmAWfFu2xzJvZwvAfY7LhzWzy68iLQmf7hXHhlptKGrFSjFsxJjhkQleR4jx0lDAeRkvpnDrUOD3rpQXPjoXwQsSlpxKWOwnR4ICWD6HgrGxaP_tT9YehalINy5d9dPuTnu47lFWyatmcm9RCr12msuZA7bvIE0T1M8ApfDr6xm4B16_GjmtwmNM-e8_2nESssmpB9aMR8gpwmSHXqQ2N7-T3EbgeTFk_ArU8BYQlxAzXpNX-X4enzibMZ7SzE1AuiKhErEulFpA9Y1i2WEmhPuOe-nU99FAsGP7ZMwyC-ICT55qnhaKVX6le4dAieHuUcIpxVYKB8pkd9ZsUHiFzULf9MnjY_4JzKQPoaAqYywW6jiQ2Qu2pe4bTi-kAK3xkcBwAvcxf_v0N14fry1FJ-9FPOf0y2ywm3aOVIgxdeEq4YmDyLNKipXxJLgk9YPhIqX_3Sqt5lz3wjWtuC5VqqqSaRzqXXTTfnUkpZCfbGfCPSMAZOWpPry3ZyGhHxdNKET4CyfoCYPohhtzNNkRjgDILN8VX28pREvZrlqbCqBcnEfB0Fw_yCryqJcyBGOku3x_Tr5XEimD-pkK8iKOobAnCvdPWciHzZtF-fxKz5cdwHqwBj43FH_vVAVkxvVa5TQgRSt7cIgC084bCo_-c3N6tJSLOTPGJM8Foy7ub497PvSCeZdqESmpecKKgTAKeb5zoF5dE4COxUEGHLMW_4n-OGbheo8WFbZXf0kbaCxUmVuRHvXG5JZaHgxT0PzGHEZoE8rx4fPREQSxhmXISPTR6PMiceUDcgfapBvB&acp=1.1203
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:3f::1731:fbda Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Nov 2022 10:32:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0fff8d26f4d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6DD4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/amobee/blocking_script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 04:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
496288
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 04:43:51 GMT
dv-measurements3130.js
cdn.doubleverify.com/ Frame 967B 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3130.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/amobee/blocking_script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:3f::1731:fbda Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Oct 2022 11:48:15 GMT
Server
Microsoft-IIS/10.0
ETag
"80e9d655d5e6d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106973
dynamic_ddc.htm
presentation-atl1.turn.com/server/ Frame 6AF5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
1e1f70157776e3e768a67de8073adc61f8b0c021aefeb71532523ccdd9e8b20e

Request headers

Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 13 Nov 2022 22:35:18 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
vary
accept-encoding
RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
sync.targeting.unrulymedia.com/csync/ Frame 6DD4 		43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005?rndcb=5307507062
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
idsync
tg.socdm.com/aux/ Frame 6DD4 		43 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tg.socdm.com/aux/idsync?proto=unruly_dsp&ssp_uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=8753630270
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.241.208.53 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-SO-Cluster-ID
21
Date
Sun, 13 Nov 2022 22:35:19 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=unruly_dsp&ssp_uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=8753630270","cluster_id":21,"gdpr":false,"ipv4":"104.237.193.29","key":"Y3FxJ8Co5uYAADAn95UAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad277"}
X-SO-Key
Y3FxJ8Co5uYAADAn95UAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad277
P3P
CP="See also http://www.scaleout.jp/privacy/"
Content-Type
image/gif
Cache-Control
private
X-SO-HostName
m-ad277.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
43
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
X-SO-IP
104.237.193.29
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 6DD4 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=rhythmxchange.com&idType=cookie&partnerUserId=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=5778944625
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.73.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-73-217.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
7439d680-63a3-11ed-aea0-0a0fee07b631
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-089f2626fad780a31
match
ads.altitude-arena.com/ Frame 6DD4 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.altitude-arena.com/match?bidder_id=V8N4GGRTST2E9DOSUFV65IOIM8&external_user_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=4423535724
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.191.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-191-58.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
content-length
0
content-type
image/avif
sync
sync.bfmio.com/ Frame 6DD4 		0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=179&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=5853807666
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.21.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-21-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 13 Nov 2022 22:35:18 GMT
match
ads.betweendigital.com/ Frame 6DD4
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=116&external_user_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=3949199317
  • https://ads.betweendigital.com/match?bidder_id=116&external_user_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=3949199317&crf=1
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=116&external_user_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=3949199317&crf=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=116&external_user_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=3949199317&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
ups.analytics.yahoo.com/ups/56551/ Frame 6DD4 		0
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/56551/sync?uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&_origin=1&rndcb=6844197120
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
unruly.gif
sync.colossusssp.com/ Frame 6DD4 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/unruly.gif?puid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=6950601839
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.2.111.121 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:21 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
um
sync.e-planning.net/ Frame 6DD4 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&dc=1079cc634ca638f8&iss=1&rndcb=3101297062
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

server
openresty
date
Sun, 13 Nov 2022 22:35:19 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame 6DD4 		35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=6993608261
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0
user-registering
ads.stickyadstv.com/ Frame 6DD4 		43 B
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1570&userId=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1939080116
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1668378920142044-295
r1-usync
router.infolinks.com/dyn/ Frame 6DD4 		35 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7948727571
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
769afad80ea9e1d3-ORD
content-length
35
expires
Sat, 13 Nov 2021 22:35:19 GMT
cs
cs.yellowblue.io/ Frame 6DD4 		0
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?&aid=11557&id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1381697001
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.147.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-147-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
x-reason
advertiser 11557 not exists
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
content-type
application/javascript
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
cs
cs.lkqd.net/ Frame 6DD4 		43 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=6154536096
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.147 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
/
csync.loopme.me/ Frame 6DD4 		0
0
m
cm.mgid.com/ Frame 6DD4 		11 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433142&c=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=3425718618
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
769afad8c8ff2a81-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11
content-type
text/plain; charset=utf-8
user-sync
sync.adkernel.com/ Frame 6DD4 		42 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=11&t=image&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1908251924
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42
5698702766
simage2.pubmatic.com/AdServer/ Frame 6DD4
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=5698702766
  • https://simage2.pubmatic.com/AdServer/5698702766
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/5698702766
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

location
5698702766
date
Sun, 13 Nov 2022 22:35:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rtset
bh.contextweb.com/bh/ Frame 6DD4 		49 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558189&ev=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=2349543040
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7bd458bbdd-jcgm4
expires
-1
cs
cs.yellowblue.io/ Frame 6DD4 		0
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11579&id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=3887612581
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.147.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-147-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
date
Sun, 13 Nov 2022 22:35:19 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
csync
sync.sync.viewdeos.com/ Frame 6DD4 		0
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sync.viewdeos.com/csync?t=a&ep=316745&extuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=5546580462
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Server
Adtelligent
Etag
9c685193e8d8984d
Content-Length
0
csync
sync.adtelligent.com/ Frame 6DD4 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=184695798
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Server
Adtelligent
Etag
9c685193e8d8984d
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 6DD4 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&ex=rhythmone.com&rndcb=587100719
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6TSPB0YPHAWF4X5SRJC0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 6DD4 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=200&key=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=8582524769
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.8.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-8-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-length
0
user-sync
sync.adkernel.com/ Frame 6DD4 		42 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=73&t=image&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7091404627
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42
csync
sync.adtelligent.com/ Frame 6DD4 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=721378&extuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=4713803957
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Server
Adtelligent
Etag
9c685193e8d8984d
Content-Length
0
cookiesyncendpoint
sync.aniview.com/ Frame 6DD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1624283237666-936926128242-025699-007-001687&biddername=200&key=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=740759991
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.8.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-8-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
sync
ads.servenobid.com/ Frame 6DD4 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7046900536
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.22.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-22-183.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersyncs
api.feedad.com/1.1/web/ Frame 6DD4 		0
0
rmpssp
sync.1rx.io/syncpixel/ Frame 6DD4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_cm=1&google_hm=BU6MihofvEA-iL4Qx2T95nU&rndcb=174602673
  • https://sync.1rx.io/syncpixel/rmpssp?sub=google&rndcb=174602673&google_gid=CAESEEUlwQW7yZ2T65FqOTMRpH0&google_cver=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/syncpixel/rmpssp?sub=google&rndcb=174602673&google_gid=CAESEEUlwQW7yZ2T65FqOTMRpH0&google_cver=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.1rx.io/syncpixel/rmpssp?sub=google&rndcb=174602673&google_gid=CAESEEUlwQW7yZ2T65FqOTMRpH0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unr1865.gif
us.ck-ie.com/ Frame 6DD4 		42 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/unr1865.gif?puid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7529669222
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
ur-usync
router.infolinks.com/dyn/ Frame 6DD4 		35 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ur-usync?uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7955014790
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
769afadaaa98e1d3-ORD
content-length
35
expires
Sat, 13 Nov 2021 22:35:20 GMT
unruly
ex.ingage.tech/v1/syncPage/ Frame 6DD4 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/syncPage/unruly?uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=8584054560
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:53d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
769afadb18afe118-ORD
vary
Origin
un
match.justpremium.com/match/ Frame 6DD4 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/un?rid=r-4111cedb-72e5-4a0d-8cbd-4b6c3882923c-1687-778229178&jp_uid=lk2-um-bfeb8f08-96fa-4da8-b070-7171050cd12e-1613989936&ex_uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7981693938
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.84.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-84-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-length
43
content-type
image/gif
unruly
crb.kargo.com/api/v1/dsync/ Frame 6DD4 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/unruly?exid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1724163811
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.71.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-71-0.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
a22c97a398162cd2b45b2be65de85a42.gif
cs.krushmedia.com/ Frame 6DD4
Redirect Chain
  • https://cs.krushmedia.com/bcceb9af87ecb29c4c43c11ae93b1cc9.gif?puid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&redir=[RED]&rndcb=852102173
  • https://ap.lijit.com/pixel?cs=1&vsid=1312938566623046000V10&type=sov&ovsid=e21aa261-00b2-4800-a51a-8bde5150b6d1&redir=https%3A%2F%2Fcs.krushmedia.com%2Fa22c97a398162cd2b45b2be65de85a42.gif%3Fpuid%3...
  • https://cs.krushmedia.com/a22c97a398162cd2b45b2be65de85a42.gif?puid=FpYrdQZHtPzoiSclTbOgNJke
42 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.krushmedia.com/a22c97a398162cd2b45b2be65de85a42.gif?puid=FpYrdQZHtPzoiSclTbOgNJke
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
8.2.110.134 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0

Redirect headers

date
Sun, 13 Nov 2022 22:35:20 GMT
pod
X-Sovrn-Pod: ad_ap1dca1
access-control-allow-methods
GET, POST, DELETE, PUT
location
https://cs.krushmedia.com/a22c97a398162cd2b45b2be65de85a42.gif?puid=FpYrdQZHtPzoiSclTbOgNJke
access-control-allow-origin
*
access-control-allow-credentials
true
connection
close
access-control-allow-headers
X-Requested-With, Content-Type
match.php
x.fidelity-media.com/ Frame 6DD4 		0
0
cookie
openrtb.cootlogix.com/api/ Frame 6DD4 		43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openrtb.cootlogix.com/api/cookie?partnerId=kueez-r1&us_privacy=[US_PRIVACY]&userId=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7188779056
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.190.223.83 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43
keep-alive
timeout=5
redirect
exchange.mediavine.com/usersync/ Frame 6DD4 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rhythmone&uuid=94800860-d62a-11e9-806a-37fb6ad61dc2&s2sVersion=production&partnerId=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=8665719875
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.7.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-7-4.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookiesyncendpoint
sync.aniview.com/ Frame 6DD4 		0
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1635672126483-964146417653-018146-002-001368&biddername=200&key=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=841579749
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.8.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-8-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-length
0
101965
jadserve.postrelease.com/suid/ Frame 6DD4 		43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101965?vk=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=6346220611
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.237.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-237-248.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:21 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
csync
sync.spotim.market/ Frame 6DD4 		0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=8225288226
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Server
Adtelligent
Etag
9c685193e8d8984d
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 6DD4 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&obUid=$D&rndcb=6947777077
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:20 GMT
Cache-Control
no-cache
X-TraceId
6d80b7c1e2790f5c051c358df06439b1
Content-Length
0
cookiesyncendpoint
sync.aniview.com/ Frame 6DD4 		0
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1655480076088-913043446455-008321-011-009672&biddername=200&key=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=6133980819
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.8.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-8-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-length
0
usermatch
usersync.getpublica.com/ Frame 6DD4 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.getpublica.com/usermatch?provider=unruly&did=08c879fa-3a87-43dd-91d0-040e94eedec2&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=8459656770
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.113.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-113-20.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Length
0
Vary
Origin
Expires
0
RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
sync.pubwise.io/usersync/unrulydspctv/ Frame 6DD4
Redirect Chain
  • https://sync.pubwise.io/usersync/unrulydspctv/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005?rndcb=6763947079
  • https://sync.pubwise.io/usersync/unrulydspctv/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005?zcc=1
43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.pubwise.io/usersync/unrulydspctv/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005?zcc=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
147.75.198.217 , United States, ASN54825 (PACKET, US),
Reverse DNS
sync-1
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
server
nginx

Redirect headers

location
https://sync.pubwise.io/usersync/unrulydspctv/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005?zcc=1
date
Sun, 13 Nov 2022 22:35:20 GMT
server
nginx
content-type
text/html
partner
pixel.servebom.com/ Frame 6DD4 		70 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.servebom.com/partner?svc=us&id=58&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=5493898637
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1668378920.cds183.ch4.hn,1668378920.cds183.ch4.sl
content-type
image/png
cookie
openrtb.cootlogix.com/api/ Frame 6DD4 		43 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openrtb.cootlogix.com/api/cookie?partnerId=shinez-rhythmone&userId=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1585173127
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.190.223.83 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43
keep-alive
timeout=5
cs
cs.minutemedia-prebid.com/ Frame 6DD4 		0
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7316067745
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
usersync
sync.springserve.com/ Frame 6DD4 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=628&uuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=6894845963
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.53.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-53-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
services
sync.technoratimedia.com/ Frame 6DD4 		0
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=2740501303
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
234064179
access-control-allow-origin
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
access-control-allow-credentials
true
/
trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/ Frame 6DD4 		0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=8798411019
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
22
date
Sun, 13 Nov 2022 22:35:20 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1668378921.594681,VS0,VE22
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-chi-klot8100171-CHI
usync
ssp.api.tappx.com/cs/ Frame 6DD4 		0
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=162&id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=75321481
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.221.57.18 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
18.57.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-encoding
gzip
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
cookie
sync.cootlogix.com/api/ Frame 6DD4 		43 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=unruly&userId=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1217241012
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.172.154.244 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43
keep-alive
timeout=5
setuid
x.videobyte.com/ Frame 6DD4 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.videobyte.com/setuid?bidder=unruly&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=5780645927
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.126.248.223 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
vary
Origin
csync
sync.sync.viewdeos.com/ Frame 6DD4 		0
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sync.viewdeos.com/csync?t=a&ep=322319&extuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1270195093
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Server
Adtelligent
Etag
9c685193e8d8984d
Content-Length
0
pixel
ap.lijit.com/ Frame 6DD4
Redirect Chain
  • https://tracker.ortb.vuukle.com/sync?id=35&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1914571214
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Ftracker.ortb.vuukle.com%2Fsync%3Fid%3D24%26uid%3D%24UID%0A
0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Ftracker.ortb.vuukle.com%2Fsync%3Fid%3D24%26uid%3D%24UID%0A
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
63.251.86.49 Rhoadesville, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap1dca1
access-control-allow-methods
GET, POST, DELETE, PUT

Redirect headers

date
Sun, 13 Nov 2022 22:35:20 GMT
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/plain; charset=utf-8
location
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Ftracker.ortb.vuukle.com%2Fsync%3Fid%3D24%26uid%3D%24UID%0A
access-control-allow-credentials
true
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
content-length
142
sync
ads.yieldmo.com/v000/ Frame 6DD4 		43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=2056784562
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.179.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-179-166.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
tap.php
pixel.rubiconproject.com/ Frame 6DD4 		42 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&expires=30&rndcb=3832944684
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesyncendpoint
sync.aniview.com/ Frame 6DD4 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=13&key=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=6105399703
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.8.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-8-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-length
0
v1
match.sharethrough.com/sync/ Frame 6DD4 		68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1858169984
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.157.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-157-165.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
no-cache
content-length
68
content-type
image/png
dcm
s.amazon-adsystem.com/ Frame 6DD4
Redirect Chain
  • https://s.ad.smaato.net/c/?dspInit=1001678&dspCookie=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=4760316021
  • https://s.ad.smaato.net/c/?dspInit=1001678&dspCookie=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=4760316021&cookieCheck=1
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=592dbee6
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=592dbee6
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D5VSGS77VPTCCQ7GP71Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 13 Nov 2022 22:35:20 GMT
via
1.1 bf49d89d8a3c52a5998a7b465717a00e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=592dbee6
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
JH7Vt3UnicjSEHXKdnGVTeztdHnCWshm31zPf7GlNTE0qFwiE9nwwA==
/
rtb-csync.smartadserver.com/redir/ Frame 6DD4 		43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7240220360
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
csync.smilewanted.com/set_partner_userid_get/rhythmone/ Frame 6DD4 		0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rhythmone/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005?rndcb=3399591741
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
769afadf0dde29c0-ORD
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
us.gif
sync.go.sonobi.com/ Frame 6DD4 		49 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1562860434
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-58
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
r1
c.deployads.com/cs/ Frame 6DD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/r1?b=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=507030051
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.12.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-12-27.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 6DD4 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=3662572814
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 6DD4 		43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=8054&img=1&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7220528842
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.138 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
253
content-length
43
/
sync.taboola.com/sg/rhythmone-network/1/rtb-h/ Frame 6DD4 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=6143258447
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
42362
sync
partners.tremorhub.com/ Frame 6DD4 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRO=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=5811321813
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:6c23:5a2c:6d97:91e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sun, 13 Nov 2022 22:35:21 GMT
server
Apache-Coyote/1.1
content-type
image/gif
xuid
eb2.3lift.com/ Frame 6DD4 		37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4070&xuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&dongle=2dcc&rndcb=835319398
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 13 Nov 2022 22:35:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
fetch.pix
udmserve.net/udm/ Frame 6DD4 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?roid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=967056148
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
setuid
ib.adnxs.com/ Frame 6DD4 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=375&code=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=2029311287
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
AN-X-Request-Uuid
aa895299-dafa-45eb-9e24-6968b1e51e91
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
708547767479
sync.1rx.io/usersync3/acuityadsdsp// Frame 6DD4
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=34&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Facuityadsdsp%2F%2F___AUID___%3Fzcc%3D0%26sspret%3D1&rndcb=626...
  • https://sync.1rx.io/usersync3/acuityadsdsp//708547767479?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/acuityadsdsp//708547767479?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Access-Control-Allow-Origin
*
Location
https://sync.1rx.io/usersync3/acuityadsdsp//708547767479?zcc=0&sspret=1
Content-Length
0
3481187484987436450
sync.1rx.io/usersync3/adform// Frame 6DD4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1262&redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fadform%2F%2F__ADFUID__%3Fzcc%3D0%26sspret%3D1&rndcb=6497495985
  • https://sync.1rx.io/usersync3/adform//3481187484987436450?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/adform//3481187484987436450?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://sync.1rx.io/usersync3/adform//3481187484987436450?zcc=0&sspret=1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
40b4d01df3584208ac50d6e48c50fdc9
sync.1rx.io/usersync/admixerdsp/ Frame 6DD4
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=566E1BC0-12FE-4859-A973-45B6C91FB046&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync%2Fadmixerdsp%2F%24%24visitor_cookie%24%24&rndcb=2375060983
  • https://sync.1rx.io/usersync/admixerdsp/40b4d01df3584208ac50d6e48c50fdc9
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/admixerdsp/40b4d01df3584208ac50d6e48c50fdc9
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 13 Nov 2022 22:35:21 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://sync.1rx.io/usersync/admixerdsp/40b4d01df3584208ac50d6e48c50fdc9
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
3466350839015920407
sync.1rx.io/usersync3/appnexus// Frame 6DD4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=6527435940
  • https://sync.1rx.io/usersync3/appnexus//3466350839015920407?zcc=0&sspret=1&rndcb=6527435940
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/appnexus//3466350839015920407?zcc=0&sspret=1&rndcb=6527435940
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 13 Nov 2022 22:35:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d1f8dca6-d978-4827-a774-0286ac48866a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.1rx.io/usersync3/appnexus//3466350839015920407?zcc=0&sspret=1&rndcb=6527435940
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.html
public.servenobid.com/ Frame 6DD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public.servenobid.com/sync.html?redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fbeachside%2F%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=7526213235
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-23.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
AACws07G4uIAACCR69Mn3A
sync.1rx.io/usersync/beeswax/ Frame 6DD4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ro?rndcb=2096942777
  • https://sync.1rx.io/usersync/beeswax/AACws07G4uIAACCR69Mn3A
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/beeswax/AACws07G4uIAACCR69Mn3A
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

location
https://sync.1rx.io/usersync/beeswax/AACws07G4uIAACCR69Mn3A
Date
Sun, 13 Nov 2022 22:35:21 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
1dfa079c-9b83-533e-a1dd-3d9dc2ac4cba
sync.1rx.io/usersync3/betweenx// Frame 6DD4
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44126&callback_url=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fbetweenx%2F%2F%24%7BUSER_ID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=6967979017
  • https://sync.1rx.io/usersync3/betweenx//1dfa079c-9b83-533e-a1dd-3d9dc2ac4cba?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/betweenx//1dfa079c-9b83-533e-a1dd-3d9dc2ac4cba?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

location
https://sync.1rx.io/usersync3/betweenx//1dfa079c-9b83-533e-a1dd-3d9dc2ac4cba?zcc=0&sspret=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
646fd8ed-ac69-4a32-a122-20903ac4341c
sync.1rx.io/usersync/bidswitch/ Frame 6DD4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7839496284
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=adconductor&bidswitch_custom_parameter=646fd8ed-ac69-4a32-a122-20903ac4341c
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=1ece8d45ddd757fe1fcc963d30ab1ed7&expires=30&ssp=adconductor&bsw_param=646fd8ed-ac69-4a32-a122-20903ac4341c
  • https://sync.1rx.io/usersync/bidswitch/646fd8ed-ac69-4a32-a122-20903ac4341c?gdpr=&gdpr_consent=
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/bidswitch/646fd8ed-ac69-4a32-a122-20903ac4341c?gdpr=&gdpr_consent=
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Location
//sync.1rx.io/usersync/bidswitch/646fd8ed-ac69-4a32-a122-20903ac4341c?gdpr=&gdpr_consent=
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
b95991f0-5551-4da8-9167-d92e55298dcf
sync.1rx.io/usersync/bidtellect/ Frame 6DD4
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=f25db61a-4f72-43bf-894b-e4ad5f845495&secure=1&rndcb=4911031983
  • https://sync.1rx.io/usersync/bidtellect/b95991f0-5551-4da8-9167-d92e55298dcf
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/bidtellect/b95991f0-5551-4da8-9167-d92e55298dcf
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

x-servername
Track001-iad
pragma
no-cache
date
Sun, 13 Nov 2022 22:34:56 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
content-type
text/html; charset=utf-8
location
https://sync.1rx.io/usersync/bidtellect/b95991f0-5551-4da8-9167-d92e55298dcf
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control
private,no-cache
content-length
193
expires
-1
9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553
sync.1rx.io/usersync3/centro// Frame 6DD4
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=918697690
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=918697690
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553&partner_url=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F%2F9e1cb20a-...
  • https://sync.1rx.io/usersync3/centro//9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553?zcc=0&sspret=1&rndcb=918697690
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/centro//9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553?zcc=0&sspret=1&rndcb=918697690
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

date
Sun, 13 Nov 2022 22:35:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://sync.1rx.io/usersync3/centro//9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553?zcc=0&sspret=1&rndcb=918697690
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel.gif
aorta.clickagy.com/ Frame 6DD4 		0
0
AAABzvFT9OZywgNGAjmfAAAAAAA
sync.1rx.io/usersync/conversant/ Frame 6DD4
Redirect Chain
  • https://unruly-match.dotomi.com/match/bounce/current?networkId=94316&version=1&nuid=%3CUNRULY_USERID%3E&rndcb=825886475
  • https://unruly-match.dotomi.com/match/bounce/current?DotomiTest=8d34d0fc6421629&is_secure=true&networkId=94316&version=1&nuid=%3CUNRULY_USERID%3E&rndcb=825886475
  • https://sync.1rx.io/usersync/conversant/AAABzvFT9OZywgNGAjmfAAAAAAA?r=1&expiration=1668465321&nuid=%3CUNRULY_USERID%3E&is_secure=true&rndcb=825886475
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/conversant/AAABzvFT9OZywgNGAjmfAAAAAAA?r=1&expiration=1668465321&nuid=%3CUNRULY_USERID%3E&is_secure=true&rndcb=825886475
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:21 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://sync.1rx.io/usersync/conversant/AAABzvFT9OZywgNGAjmfAAAAAAA?r=1&expiration=1668465321&nuid=<UNRULY_USERID>&is_secure=true&rndcb=825886475
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8
sync.1rx.io/usersync/convert/ Frame 6DD4
Redirect Chain
  • https://trc.taboola.com/sg/rhythm-ssp-network/1/rtb-h?taboola_hm=1&rndcb=6734013333
  • https://match.taboola.com/sg/rhythm-ssp-network/1/rtb-h?taboola_hm=1&tbid=52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8&query=taboola_hm%3D1%26rndcb%3D6734013333&isDirect=0
  • https://sync.1rx.io/usersync/convert/52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/convert/52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

x-cache-hits
0
date
Sun, 13 Nov 2022 22:35:21 GMT
via
1.1 varnish
server
nginx
x-timer
S1668378921.322917,VS0,VE2
x-cache
MISS
location
https://sync.1rx.io/usersync/convert/52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8
accept-ranges
bytes
content-length
0
x-served-by
cache-chi-klot8100048-CHI
d5f3e722aa17410ebce4d11d325baadd
sync.1rx.io/usersync3/crimtan// Frame 6DD4
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=23&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcrimtan%2F%2F%5Buser_id%5D%3Fzcc%3D0%26sspret%3D1&rndcb=8027854048
  • https://sync.1rx.io/usersync3/crimtan//d5f3e722aa17410ebce4d11d325baadd?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/crimtan//d5f3e722aa17410ebce4d11d325baadd?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://sync.1rx.io/usersync3/crimtan//d5f3e722aa17410ebce4d11d325baadd?zcc=0&sspret=1
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
146
match.deepintent.com/usersync/ Frame 6DD4 		0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/146?rndcb=6012889202
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 13 Nov 2022 22:35:20 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
05030002_637171286390e
sync.1rx.io/usersync3/dynadmic// Frame 6DD4
Redirect Chain
  • https://gu.dyntrk.com/adx/ro/us.php?dynk=rh4thm0n33&callback=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fdynadmic%2F%2F%24DYNADMIC_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=8869000589
  • https://gu.dyntrk.com/adx/ro/us.php?dynk=rh4thm0n33&callback=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fdynadmic%2F%2F%24DYNADMIC_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=8869000589&prevuid=05030002_63717...
  • https://sync.1rx.io/usersync3/dynadmic//05030002_637171286390e?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/dynadmic//05030002_637171286390e?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

date
Sun, 13 Nov 2022 22:35:21 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://sync.1rx.io/usersync3/dynadmic//05030002_637171286390e?zcc=0&sspret=1
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
3466350839015920407brt56801668378921585499b4
sync.1rx.io/usersync3/emx// Frame 6DD4
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Femx%2F%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=5293174005
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Femx%2F%2F%24EMXUID%3Fzcc%3D0%26sspret%3D1&b64_redirect=aHR0cHM6Ly9zeW5jLjFyeC5...
  • https://cs.emxdgt.com/umcheck?apnxid=3466350839015920407&redirect=https://sync.1rx.io/usersync3/emx//$EMXUID?zcc=0&sspret=1&b64_redirect=aHR0cHM6Ly9zeW5jLjFyeC5pby91c2Vyc3luYzMvZW14Ly8kRU1YVUlEP3pj...
  • https://sync.1rx.io/usersync3/emx//3466350839015920407brt56801668378921585499b4?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/emx//3466350839015920407brt56801668378921585499b4?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

location
https://sync.1rx.io/usersync3/emx//3466350839015920407brt56801668378921585499b4?zcc=0&sspret=1
date
Sun, 13 Nov 2022 22:35:21 GMT
content-length
0
content-type
text/html
100556db-b1b8-4709-bd17-f415fe8f25ce
sync.1rx.io/usersync3/improvedigital// Frame 6DD4
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1699&r=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fimprovedigital%2F%2F%7BPUB_USER_ID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7606348547
  • https://sync.1rx.io/usersync3/improvedigital//100556db-b1b8-4709-bd17-f415fe8f25ce?zcc=0&sspret=1&rndcb=7606348547
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/improvedigital//100556db-b1b8-4709-bd17-f415fe8f25ce?zcc=0&sspret=1&rndcb=7606348547
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

location
https://sync.1rx.io/usersync3/improvedigital//100556db-b1b8-4709-bd17-f415fe8f25ce?zcc=0&sspret=1&rndcb=7606348547
access-control-allow-origin
*
date
Sun, 13 Nov 2022 22:35:19 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usermatch
ssum-sec.casalemedia.com/ Frame 6DD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Findex%2F%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=2241289731
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
/
csync.loopme.me/ Frame 6DD4 		0
0
c090527e-c8bb-4ae7-b840-988360fce03b
sync.1rx.io/usersync/mediaforce/ Frame 6DD4
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=rhythmone&ssp_user_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7203592116
  • https://sync.1rx.io/usersync/mediaforce/c090527e-c8bb-4ae7-b840-988360fce03b
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/mediaforce/c090527e-c8bb-4ae7-b840-988360fce03b
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

location
//sync.1rx.io/usersync/mediaforce/c090527e-c8bb-4ae7-b840-988360fce03b
date
Sun, 13 Nov 2022 22:35:19 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
7a036371-7129-4900-9d06-795152530117
sync.1rx.io/usersync3/mediamathtest// Frame 6DD4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=8968210183
  • https://sync.1rx.io/usersync3/mediamathtest//7a036371-7129-4900-9d06-795152530117?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/mediamathtest//7a036371-7129-4900-9d06-795152530117?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 13 Nov 2022 22:35:21 GMT
Server
MT3 4629 97bee97 master iad-pixel-x14 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.1rx.io/usersync3/mediamathtest//7a036371-7129-4900-9d06-795152530117?zcc=0&sspret=1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 13 Nov 2022 22:35:20 GMT
user-sync
sync.adkernel.com/ Frame 6DD4 		22 B
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=42861&r=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fnativeads%2F%2F%7BUID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=75843423
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Age
0
Content-Length
22
HOgpAizu1OUlzq5
sync.1rx.io/usersync3/oneview// Frame 6DD4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=UNRULY&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Foneview%2F%2F_wfivefivec_%3Fzcc%3D0%26sspret%3D1&rndcb=2942193047
  • https://sync.1rx.io/usersync3/oneview//HOgpAizu1OUlzq5?zcc=0&sspret=1&rndcb=2942193047
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/oneview//HOgpAizu1OUlzq5?zcc=0&sspret=1&rndcb=2942193047
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0baf97c4a26840fbf@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://sync.1rx.io/usersync3/oneview//HOgpAizu1OUlzq5?zcc=0&sspret=1&rndcb=2942193047
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
&rndcb=2377102450f055119c-1d39-452c-9911-39dc03e06a7f
sync.1rx.io/usersync/openx/ Frame 6DD4
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=23f8a601-6b3c-4339-9d30-d214c4518f2b&r=https%3A%2F%2Fsync.1rx.io%2Fusersync%2Fopenx%2F&rndcb=2377102450
  • https://sync.1rx.io/usersync/openx/&rndcb=2377102450f055119c-1d39-452c-9911-39dc03e06a7f
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/openx/&rndcb=2377102450f055119c-1d39-452c-9911-39dc03e06a7f
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

date
Sun, 13 Nov 2022 22:35:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.1rx.io/usersync/openx/&rndcb=2377102450f055119c-1d39-452c-9911-39dc03e06a7f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
fPDy1ZSLFTGyri-wCSNl
sync.1rx.io/usersync3/outbrain// Frame 6DD4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/rhythmone/?cb=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Foutbrain%2F%2F__ZUID__%3Fzcc%3D0%26sspret%3D1&rndcb=2325817809
  • https://stags.bluekai.com/site/23178?id=fPDy1ZSLFTGyri-wCSNl&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS643ZNZRS4MLSPAXGS3ZPOVZWK4TTPFXGGMZPN52XIYTS...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS643ZNZRS4MLSPAXGS3ZPOVZWK4TTPFXGGMZPN52XIYTSMFUW4LZPMZIEI6JRLJJUYRSUI54XE2JNO5BVGTTMH5SXQY3IMFXGOZJ5OJUHS5DINVXW4ZJGONZXA4TFOQ6TC...
  • https://sync.1rx.io/usersync3/outbrain//fPDy1ZSLFTGyri-wCSNl?sspret=1&zcc=0
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/outbrain//fPDy1ZSLFTGyri-wCSNl?sspret=1&zcc=0
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Content-Type
text/html; charset=utf-8
Location
https://sync.1rx.io/usersync3/outbrain//fPDy1ZSLFTGyri-wCSNl?sspret=1&zcc=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
102
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Q7216653201746239856P
sync.1rx.io/usersync3/owneriq// Frame 6DD4
Redirect Chain
  • https://px.owneriq.net/ero?redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fowneriq%2F%2F%28OIQ_id%29%3Fzcc%3D0%26sspret%3D1&rndcb=378237653
  • https://sync.1rx.io/usersync3/owneriq//Q7216653201746239856P?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/owneriq//Q7216653201746239856P?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 13 Nov 2022 22:35:21 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.1rx.io/usersync3/owneriq//Q7216653201746239856P?zcc=0&sspret=1
Content-Type
text/html
Cache-Control
max-age=74699
Connection
keep-alive
Content-Length
154
A08508D9-102C-4280-88EE-2D1A24469070
sync.1rx.io/usersync3/pubmatic// Frame 6DD4
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159277&pu=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fpubmatic%2F%2F%23PMUID%3Fzcc%3D0%26sspret%3D1&rndcb=5721084146
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEM3QUIwMjMtRTdBQy00RjkwLThBNDAtNzYyQURFM0E5MTQ4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync3/pubmatic//A08508D9-102C-4280-88EE-2D1A24469070?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/pubmatic//A08508D9-102C-4280-88EE-2D1A24469070?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:22 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

location
https://sync.1rx.io/usersync3/pubmatic//A08508D9-102C-4280-88EE-2D1A24469070?zcc=0&sspret=1
date
Sun, 13 Nov 2022 22:35:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
118
content-type
text/html; charset=utf-8
aSpTw72oBezE
sync.1rx.io/usersync3/pulse// Frame 6DD4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560138&ev=1&daaqp=1&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fpulse%2F%2F%25%25VGUID%25%25%3Fzcc%3D0%26sspret%3D1&rndcb=6503737876
  • https://sync.1rx.io/usersync3/pulse//aSpTw72oBezE?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/pulse//aSpTw72oBezE?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://sync.1rx.io/usersync3/pulse//aSpTw72oBezE?zcc=0&sspret=1
content-language
en-US
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7bd458bbdd-tv5d9
expires
-1
EVh_QBBaekgKCCtGEg9lFBUPeUIKCSlFRVJDmAJN
sync.1rx.io/usersync/quantcast/ Frame 6DD4
Redirect Chain
  • https://cms.quantserve.com/pixel/p-QcHdy7VcGLKJK.gif?idmatch=0&siteId=995936&rndcb=2945969174
  • https://sync.1rx.io/usersync/quantcast/EVh_QBBaekgKCCtGEg9lFBUPeUIKCSlFRVJDmAJN?gdpr=0
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/quantcast/EVh_QBBaekgKCCtGEg9lFBUPeUIKCSlFRVJDmAJN?gdpr=0
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.1rx.io/usersync/quantcast/EVh_QBBaekgKCCtGEg9lFBUPeUIKCSlFRVJDmAJN?gdpr=0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
p121
rp.gwallet.com/r1/cm/ Frame 6DD4 		0
0
000000D2D129FFB2
sync.1rx.io/usersync3/resetdigital// Frame 6DD4
Redirect Chain
  • https://sync2.resetdigital.co/csync?pid=Unruly&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fresetdigital%2F%2FBUYER_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=7215477949
  • https://sync.1rx.io/usersync3/resetdigital//000000D2D129FFB2?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/resetdigital//000000D2D129FFB2?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 13 Nov 2022 22:35:21 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://sync.1rx.io/usersync3/resetdigital//000000D2D129FFB2?zcc=0&sspret=1
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
592dbee6
sync.1rx.io/usersync/smaato/ Frame 6DD4
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=u&redir=http%3A%2F%2Fsync.1rx.io%2Fusersync%2Fsmaato%2F%24UID?&rndcb=6914591553
  • https://sync.1rx.io/usersync/smaato/592dbee6?
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/smaato/592dbee6?
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

date
Sun, 13 Nov 2022 22:35:21 GMT
via
1.1 bf49d89d8a3c52a5998a7b465717a00e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
http://sync.1rx.io/usersync/smaato/592dbee6?
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
fYCUgGY9TDKiST7fgq7DMNe9Idfj_K9TUHJvrENmb_Yvdhdrhe2FCw==
728114fc-63a3-11ed-aabe-12a4cdd40003
sync.1rx.io/usersync3/spotx// Frame 6DD4
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8801&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fspotx%2F%2F%24SPOTX_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=8453951571
  • https://sync.1rx.io/usersync3/spotx//728114fc-63a3-11ed-aabe-12a4cdd40003?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/spotx//728114fc-63a3-11ed-aabe-12a4cdd40003?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

date
Sun, 13 Nov 2022 22:35:21 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
https://sync.1rx.io/usersync3/spotx//728114fc-63a3-11ed-aabe-12a4cdd40003?zcc=0&sspret=1
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
574
content-length
0
0-2fe279f7-bf79-4c9c-7c2f-9cff9dc25394$ip$104.237.193.29
sync.1rx.io/usersync/stackadapt/ Frame 6DD4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=95&rndcb=3395298238
  • https://sync.1rx.io/usersync/stackadapt/0-2fe279f7-bf79-4c9c-7c2f-9cff9dc25394$ip$104.237.193.29
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/stackadapt/0-2fe279f7-bf79-4c9c-7c2f-9cff9dc25394$ip$104.237.193.29
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:22 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Location
https://sync.1rx.io/usersync/stackadapt/0-2fe279f7-bf79-4c9c-7c2f-9cff9dc25394$ip$104.237.193.29
Date
Sun, 13 Nov 2022 22:35:22 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
/
ffbtas.com/ Frame 6DD4
Redirect Chain
  • https://cs.ffbtas.com/usnci?i=1&ec=rhy&r=https%3A%2F%2Fsync.1rx.io%2Fusersync%2Ftlvmedia%2F&rndcb=1559771851
  • https://cs.ffbtas.com/
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
0
0
8a252b93-28d3-40a0-bf24-181284989787
sync.1rx.io/usersync/tradedesk/ Frame 6DD4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3660462295
  • https://sync.1rx.io/usersync/tradedesk/8a252b93-28d3-40a0-bf24-181284989787
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/tradedesk/8a252b93-28d3-40a0-bf24-181284989787
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.1rx.io/usersync/tradedesk/8a252b93-28d3-40a0-bf24-181284989787
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
%%TDID%%
sync.1rx.io/usersync/tradedesk/ Frame 6DD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/tradedesk/%%TDID%%?rndcb=6453846522
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/ Frame 6DD4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=45&rndcb=2538386384
  • https://sync.1rx.io/usersync/turn/3847914353920511232?dspret=1&redir=http%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzg1MjQ2ODY4%2Fmpuid%2F%5BRX_UUID%5D&gdpr=&gdpr_consent=&us_privacy=
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:22 GMT
ETag
RX4e8c8a1a1fbc403e88be10c764fde675005
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
syncr
usr.undertone.com/userPixel/ Frame 6DD4 		0
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/syncr?gdpr=0&gdprstr=&partnerid=58&r=[RX_DSP_REDIR]&rndcb=5566994958
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:22 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
2ebA1Ic3naGMFm0oD32Q_4mw5czmk7rL1bYhyOJgcIqerhOifI-44g==
y-IkVmDARE2oV1LsP1xH8cioJWuctyK7UDaPEe~A
sync.1rx.io/usersync/verizon/ Frame 6DD4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=7593361622
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-IkVmDARE2oV1LsP1xH8cioJWuctyK7UDaPEe~A
  • https://sync.1rx.io/usersync/verizon/y-IkVmDARE2oV1LsP1xH8cioJWuctyK7UDaPEe~A
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/verizon/y-IkVmDARE2oV1LsP1xH8cioJWuctyK7UDaPEe~A
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:22 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:22 GMT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.1rx.io/usersync/verizon/y-IkVmDARE2oV1LsP1xH8cioJWuctyK7UDaPEe~A
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
user-sync
sync.adkernel.com/ Frame 6DD4 		22 B
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=83074&r=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fyieldnexus%2F%2F%7BUID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=8334225987
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:22 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Age
0
Content-Length
22
2810035083213440694
sync.1rx.io/usersync/zeta/ Frame 6DD4
Redirect Chain
  • https://p.rfihub.com/cm?pub=28593&in=1&rndcb=2531759028
  • https://sync.1rx.io/usersync/zeta/2810035083213440694
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/zeta/2810035083213440694
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:22 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Location
https://sync.1rx.io/usersync/zeta/2810035083213440694
Date
Sun, 13 Nov 2022 22:35:22 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
demconf.jpg
dpm.demdex.net/ Frame 6DD4
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005?rndcb=5678381342
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
54.148.144.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-144-255.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-064587ea2.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
u/rLH94ZRy4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v041-0ce788a3f.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
NgPCGFMLTFk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
unruly
ids.ad.gt/api/v1/put/ Frame 6DD4 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/put/unruly?unruly_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=4560693462
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:426:3f00:31cb:9e4b:85a9:ab59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 13 Nov 2022 22:35:22 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Transfer-Encoding
chunked
Expires
Mon, 14 Nov 2022 10:35:22 GMT
44416
tags.bluekai.com/site/ Frame 6DD4 		62 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/44416?id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=878286361
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.100.217 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 13 Nov 2022 22:35:22 GMT
content-length
62
content-type
image/gif
p
sb.scorecardresearch.com/ Frame 6DD4 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=6000004&c3=2&cs_xi=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=5907008735
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-43.jfk50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
via
1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
content-length
43
x-amz-cf-id
9qwNFhm3wyK8vdeTENADxaF1aDE27m9LbTghZ7CaJtq7MDQjfo4Z7w==
x-cache
Miss from cloudfront
content-type
image/gif
hbpix
idpix.media6degrees.com/orbserv/ Frame 6DD4 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idpix.media6degrees.com/orbserv/hbpix?pixId=851602&pcv=97&ptid=135&tpuv=01&tpu=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=2484892804
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:4400::ac40:9602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
769afae89973e1e7-ORD
content-length
43
/
ps.eyeota.net/match/bounce/ Frame 6DD4
Redirect Chain
  • https://ps.eyeota.net/match?bid=d6m4omv&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7710264312
  • https://ps.eyeota.net/match/bounce/?bid=d6m4omv&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7710264312
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?bid=d6m4omv&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7710264312
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-62-22.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 13 Nov 2022 22:35:22 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?bid=d6m4omv&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=7710264312
Date
Sun, 13 Nov 2022 22:35:22 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
pixel
cm.g.doubleclick.net/ Frame 6DD4 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_hm=BU6MihofvEA-iL4Qx2T95nU&rndcb=4958771538
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 6DD4
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=541745869&pcid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1831935221
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=541745869&pcid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1831935221&ckls=true&ci=0WY5amjLMo&nc=false&trid=36...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D541745869%26rnd%3D...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPhZ_nMQ43TX3hq1ZffXtr0&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:84E77A959F4D41A9AB9BEEEBF77DE0DA
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=541745869&rnd=-1324732179&pcid=A08508D9-102C-4280-88EE-2D1A24469070
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D541745869%3B1402230080%26rnd%3D342537597&pcid=$UID
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=541745869;1402230080&rnd=342537597&pcid=3466350839015920407
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D541745869%3B1402...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=201339086&mi=10&csh=541745869;1402230080;1709765917&rnd=911717490&pcid=Y3FxKFOaQijXOw9VfulAuwAA%26549
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D541745869%3B1402230080%3B1709765917%3B201...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=541745869;1402230080;1709765917;201339086&rnd=2058006220&pcid=2086264215600615833812
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D541745869%3B1...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618110e63fc8f&advId=100&advUuid=LAFXQDQC-C-2NT5&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LAFXQDQC-C-2NT5
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D54174...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=541745869;1402230080;1709765917;201339086;259151345;1725065545&rnd=2005715089&pcid=94c6e74e-2aca-4fb4-...
0
0
usermatch.gif
beacon.krxd.net/ Frame 6DD4 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=3782810378
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.160.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-160-212.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n004-ash-prod.krxd.net
date
Sun, 13 Nov 2022 22:35:22 GMT
cache-control
private, no-cache, no-store
x-request-time
D=154 t=1668378922
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
1000.gif
id.rlcdn.com/ Frame 6DD4
Redirect Chain
  • https://id.rlcdn.com/711061.gif?rndcb=1852615090
  • https://id.rlcdn.com/1000.gif?memo=CJWzKxoNCKrixZsGEgUI6AcQAEIASgA
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/1000.gif?memo=CJWzKxoNCKrixZsGEgUI6AcQAEIASgA
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:22 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 13 Nov 2022 22:35:22 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://id.rlcdn.com/1000.gif?memo=CJWzKxoNCKrixZsGEgUI6AcQAEIASgA
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
pippio.com/api/ Frame 6DD4
Redirect Chain
  • https://idsync.rlcdn.com/709771.gif?partner_uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=6965343401
  • https://pippio.com/api/sync?pid=5324&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIquLFmwYSBAgCEABCAEoA
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIquLFmwYSBAgCEABCAEoA&google_gid=CAESEKfafHeDEPx95x7oYsimioQ&google_cver=1
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06582603
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06582603&_expec...
  • https://pippio.com/api/sync?pid=710202&it=1&iv=b993e679184cc26fe51124e047656283
42 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=710202&it=1&iv=b993e679184cc26fe51124e047656283
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:22 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://pippio.com/api/sync?pid=710202&it=1&iv=b993e679184cc26fe51124e047656283
date
Sun, 13 Nov 2022 22:35:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
769afaec4d96e11c-ORD
content-length
0
p3p
CP='NON DSP COR CONi OUR BUS CNT'
/
loadm.exelator.com/load/ Frame 6DD4 		124 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=1131&buid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=5957091120
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
application/x-javascript;charset=UTF-8
date
Sun, 13 Nov 2022 22:35:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
receive
pixel.tapad.com/idsync/ex/ Frame 6DD4
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3134&partner_device_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1618718778
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dd6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3466350839015920407&pt=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3466350839015920407&pt=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:22 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Date
Sun, 13 Nov 2022 22:35:22 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
95242554-28b6-4948-8d3c-c9c49af7e506
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3466350839015920407&pt=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B419 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
12494
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 19:07:05 GMT
etag
48472445140208031
expires
Mon, 14 Nov 2022 19:07:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6DD4 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07531adeef4de14e75826ee1aa18f31cddf3870cf38d89310add79408f8bb4fb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6858 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/amobee/blocking_script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 04:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
496288
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 04:43:51 GMT
dv-measurements3130.js
cdn.doubleverify.com/ Frame 9C72 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3130.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/amobee/blocking_script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:3f::1731:fbda Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Oct 2022 11:48:15 GMT
Server
Microsoft-IIS/10.0
ETag
"80e9d655d5e6d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106973
dynamic_ddc.htm
presentation-atl1.turn.com/server/ Frame D576 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
5fd33337da0f4ab6d11799a3c0887357c93c3a0a9bc920eedaa8bad72b3e881e

Request headers

Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 13 Nov 2022 22:35:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
vary
accept-encoding
RX-70318d75-bb28-4261-97c8-b744639a5d6b-005
sync.targeting.unrulymedia.com/csync/ Frame 6858 		43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-70318d75-bb28-4261-97c8-b744639a5d6b-005?rndcb=7370244913
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
idsync
tg.socdm.com/aux/ Frame 6858 		43 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tg.socdm.com/aux/idsync?proto=unruly_dsp&ssp_uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=4802027924
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.241.208.53 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-SO-Cluster-ID
34
Date
Sun, 13 Nov 2022 22:35:20 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=unruly_dsp&ssp_uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=4802027924","cluster_id":34,"gdpr":false,"ipv4":"104.237.193.29","key":"Y3FxKMCo5uYAADAn96EAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad14"}
X-SO-Key
Y3FxKMCo5uYAADAn96EAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad14
P3P
CP="See also http://www.scaleout.jp/privacy/"
Content-Type
image/gif
Cache-Control
private
X-SO-HostName
m-ad14.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
43
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
X-SO-IP
104.237.193.29
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 6858 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=rhythmxchange.com&idType=cookie&partnerUserId=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=1711107100
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.73.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-73-217.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
744c9b30-63a3-11ed-b5d6-0aeb7286ff0d
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-011e174988ea63e5e
match
ads.altitude-arena.com/ Frame 6858 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.altitude-arena.com/match?bidder_id=V8N4GGRTST2E9DOSUFV65IOIM8&external_user_id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5361881870
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.191.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-191-58.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
content-length
0
content-type
image/avif
sync
sync.bfmio.com/ Frame 6858 		0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=179&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=3064511771
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.21.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-21-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 13 Nov 2022 22:35:18 GMT
match
ads.betweendigital.com/ Frame 6858 		68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=116&external_user_id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=6047917187
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
sync
ups.analytics.yahoo.com/ups/56551/ Frame 6858 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/56551/sync?uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&_origin=1&rndcb=5707833426
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
unruly.gif
sync.colossusssp.com/ Frame 6858 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/unruly.gif?puid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=2962357541
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.2.111.121 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
um
sync.e-planning.net/ Frame 6858 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&dc=1079cc634ca638f8&iss=1&rndcb=7479197289
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

server
openresty
date
Sun, 13 Nov 2022 22:35:19 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame 6858 		35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=3049327079
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0
user-registering
ads.stickyadstv.com/ Frame 6858 		43 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1570&userId=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=1047118975
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1668378920041070-125
r1-usync
router.infolinks.com/dyn/ Frame 6858 		35 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=2718745018
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
769afad8cfe1e1d3-ORD
content-length
35
expires
Sat, 13 Nov 2021 22:35:19 GMT
cs
cs.yellowblue.io/ Frame 6858 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?&aid=11557&id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5595238006
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.147.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-147-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
x-reason
advertiser 11557 not exists
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
content-type
application/javascript
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
cs
cs.lkqd.net/ Frame 6858 		43 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=6648088326
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.147 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
/
csync.loopme.me/ Frame 6858 		0
0
m
cm.mgid.com/ Frame 6858 		11 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433142&c=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5045850066
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
769afad8c9002a81-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11
content-type
text/plain; charset=utf-8
user-sync
sync.adkernel.com/ Frame 6858 		42 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=11&t=image&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=2661851944
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42
8432319229
simage2.pubmatic.com/AdServer/ Frame 6858
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=8432319229
  • https://simage2.pubmatic.com/AdServer/8432319229
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/8432319229
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

location
8432319229
date
Sun, 13 Nov 2022 22:35:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rtset
bh.contextweb.com/bh/ Frame 6858 		49 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558189&ev=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=4987190182
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7bd458bbdd-tv5d9
expires
-1
cs
cs.yellowblue.io/ Frame 6858 		0
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11579&id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=7684730230
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.147.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-147-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
date
Sun, 13 Nov 2022 22:35:19 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
csync
sync.sync.viewdeos.com/ Frame 6858 		0
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sync.viewdeos.com/csync?t=a&ep=316745&extuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=2372113550
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Server
Adtelligent
Etag
9c685193e8d8984d
Content-Length
0
csync
sync.adtelligent.com/ Frame 6858 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5667043328
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Server
Adtelligent
Etag
9c685193e8d8984d
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 6858 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&ex=rhythmone.com&rndcb=15543812
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6Y61PAH8322Q0MWXN597
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 6858 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=200&key=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=8684394482
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.8.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-8-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-length
0
user-sync
sync.adkernel.com/ Frame 6858 		42 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=73&t=image&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=6232063587
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42
csync
sync.adtelligent.com/ Frame 6858 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=721378&extuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=6381529876
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Server
Adtelligent
Etag
9c685193e8d8984d
Content-Length
0
cookiesyncendpoint
sync.aniview.com/ Frame 6858 		0
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1624283237666-936926128242-025699-007-001687&biddername=200&key=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=382307111
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.8.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-8-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-length
0
sync
ads.servenobid.com/ Frame 6858 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=8783278880
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.22.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-22-183.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersyncs
api.feedad.com/1.1/web/ Frame 6858 		0
0
rmpssp
sync.1rx.io/syncpixel/ Frame 6858
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_cm=1&google_hm=BXAxjXW7KEJhl8i3RGOaXWs&rndcb=1788121701
  • https://sync.1rx.io/syncpixel/rmpssp?sub=google&rndcb=1788121701&google_gid=CAESEEUlwQW7yZ2T65FqOTMRpH0&google_cver=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/syncpixel/rmpssp?sub=google&rndcb=1788121701&google_gid=CAESEEUlwQW7yZ2T65FqOTMRpH0&google_cver=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.1rx.io/syncpixel/rmpssp?sub=google&rndcb=1788121701&google_gid=CAESEEUlwQW7yZ2T65FqOTMRpH0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unr1865.gif
us.ck-ie.com/ Frame 6858 		42 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/unr1865.gif?puid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=6445211435
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
ur-usync
router.infolinks.com/dyn/ Frame 6858 		35 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ur-usync?uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=2477794395
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
769afad8cfe5e1d3-ORD
content-length
35
expires
Sat, 13 Nov 2021 22:35:19 GMT
unruly
ex.ingage.tech/v1/syncPage/ Frame 6858 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/syncPage/unruly?uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=6243717226
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:53d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
769afadb18b3e118-ORD
vary
Origin
un
match.justpremium.com/match/ Frame 6858 		43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/un?rid=r-4111cedb-72e5-4a0d-8cbd-4b6c3882923c-1687-778229178&jp_uid=lk2-um-bfeb8f08-96fa-4da8-b070-7171050cd12e-1613989936&ex_uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=4232975965
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.84.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-84-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-length
43
content-type
image/gif
unruly
crb.kargo.com/api/v1/dsync/ Frame 6858 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/unruly?exid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=6440948898
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.71.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-71-0.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
did=70844629-3a3f-48fe-b8b8-26efd6038169KrushID=70844629-3a3f-48fe-b8b8-26efd6038169
www.getpublica.com/usermatch/ Frame 6858
Redirect Chain
  • https://cs.krushmedia.com/bcceb9af87ecb29c4c43c11ae93b1cc9.gif?puid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&redir=[RED]&rndcb=8910937996
  • https://getpublica.com/usermatch/did=70844629-3a3f-48fe-b8b8-26efd6038169KrushID=70844629-3a3f-48fe-b8b8-26efd6038169
  • https://www.getpublica.com/usermatch/did=70844629-3a3f-48fe-b8b8-26efd6038169KrushID=70844629-3a3f-48fe-b8b8-26efd6038169
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getpublica.com/usermatch/did=70844629-3a3f-48fe-b8b8-26efd6038169KrushID=70844629-3a3f-48fe-b8b8-26efd6038169
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
52.55.54.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-54-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

location
https://www.getpublica.com/usermatch/did=70844629-3a3f-48fe-b8b8-26efd6038169KrushID=70844629-3a3f-48fe-b8b8-26efd6038169
date
Sun, 13 Nov 2022 22:35:20 GMT
server
openresty
content-length
166
content-type
text/html
match.php
x.fidelity-media.com/ Frame 6858 		0
0
cookie
openrtb.cootlogix.com/api/ Frame 6858 		43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openrtb.cootlogix.com/api/cookie?partnerId=kueez-r1&us_privacy=[US_PRIVACY]&userId=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=4132723754
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.190.223.83 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43
keep-alive
timeout=5
redirect
exchange.mediavine.com/usersync/ Frame 6858 		0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rhythmone&uuid=94800860-d62a-11e9-806a-37fb6ad61dc2&s2sVersion=production&partnerId=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=3014703234
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.7.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-7-4.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookiesyncendpoint
sync.aniview.com/ Frame 6858 		0
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1635672126483-964146417653-018146-002-001368&biddername=200&key=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=6485149663
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.8.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-8-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-length
0
101965
jadserve.postrelease.com/suid/ Frame 6858 		43 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101965?vk=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5190017036
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.237.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-237-248.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:22 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
csync
sync.spotim.market/ Frame 6858 		0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=1529688478
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Server
Adtelligent
Etag
9c685193e8d8984d
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 6858 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&obUid=$D&rndcb=294943952
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:20 GMT
Cache-Control
no-cache
X-TraceId
0cc315417ffb2738936f1b2c0c8a9466
Content-Length
0
cookiesyncendpoint
sync.aniview.com/ Frame 6858 		0
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1655480076088-913043446455-008321-011-009672&biddername=200&key=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5040284523
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.8.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-8-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-length
0
usermatch
usersync.getpublica.com/ Frame 6858 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.getpublica.com/usermatch?provider=unruly&did=08c879fa-3a87-43dd-91d0-040e94eedec2&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=2793112759
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.113.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-113-20.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Length
0
Vary
Origin
Expires
0
RX-70318d75-bb28-4261-97c8-b744639a5d6b-005
sync.pubwise.io/usersync/unrulydspctv/ Frame 6858
Redirect Chain
  • https://sync.pubwise.io/usersync/unrulydspctv/RX-70318d75-bb28-4261-97c8-b744639a5d6b-005?rndcb=8991860299
  • https://sync.pubwise.io/usersync/unrulydspctv/RX-70318d75-bb28-4261-97c8-b744639a5d6b-005?zcc=1
43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.pubwise.io/usersync/unrulydspctv/RX-70318d75-bb28-4261-97c8-b744639a5d6b-005?zcc=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
147.75.198.217 , United States, ASN54825 (PACKET, US),
Reverse DNS
sync-1
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
server
nginx

Redirect headers

location
https://sync.pubwise.io/usersync/unrulydspctv/RX-70318d75-bb28-4261-97c8-b744639a5d6b-005?zcc=1
date
Sun, 13 Nov 2022 22:35:20 GMT
server
nginx
content-type
text/html
partner
pixel.servebom.com/ Frame 6858 		70 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.servebom.com/partner?svc=us&id=58&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5725317954
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-encoding
UTF-8
cache-control
no-store
x-hw
1668378920.cds183.ch4.hn,1668378920.cds183.ch4.sl
content-type
image/png
cookie
openrtb.cootlogix.com/api/ Frame 6858 		43 B
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openrtb.cootlogix.com/api/cookie?partnerId=shinez-rhythmone&userId=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=8166693219
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.190.223.83 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43
keep-alive
timeout=5
cs
cs.minutemedia-prebid.com/ Frame 6858 		0
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=2850912567
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
usersync
sync.springserve.com/ Frame 6858 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=628&uuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=7984715601
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.53.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-53-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
services
sync.technoratimedia.com/ Frame 6858 		0
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=8897669766
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
137890168
access-control-allow-origin
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
access-control-allow-credentials
true
/
trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/ Frame 6858 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=2465977203
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
22
date
Sun, 13 Nov 2022 22:35:20 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1668378921.594591,VS0,VE22
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-chi-klot8100171-CHI
usync
ssp.api.tappx.com/cs/ Frame 6858 		0
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=162&id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=7796529724
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.221.57.18 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
18.57.221.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-encoding
gzip
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
cookie
sync.cootlogix.com/api/ Frame 6858 		43 B
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=unruly&userId=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=8499845711
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.172.154.244 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43
keep-alive
timeout=5
setuid
x.videobyte.com/ Frame 6858 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.videobyte.com/setuid?bidder=unruly&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=3265164013
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.126.248.223 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
vary
Origin
csync
sync.sync.viewdeos.com/ Frame 6858 		0
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sync.viewdeos.com/csync?t=a&ep=322319&extuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=59829004
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:19 GMT
Server
Adtelligent
Etag
9c685193e8d8984d
Content-Length
0
/
csync.loopme.me/ Frame 6858
Redirect Chain
  • https://tracker.ortb.vuukle.com/sync?id=35&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=8912618595
  • https://sync.go.sonobi.com/us?https://tracker.ortb.vuukle.com/sync?id=44&uid=[UID]
  • https://tracker.ortb.vuukle.com/sync?id=44&uid=4a835794-74c0-4aa8-945b-26bd565a9291
  • https://csync.loopme.me/?redirect=https%3A%2F%2Ftracker.ortb.vuukle.com%2Fsync%3Fid%3D43%26uid%3D%7Bdevice_id%7D%0A%26pubid%3D11486
0
0
sync
ads.yieldmo.com/v000/ Frame 6858 		43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5084770300
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.179.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-179-166.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
tap.php
pixel.rubiconproject.com/ Frame 6858 		42 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&expires=30&rndcb=4592139175
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesyncendpoint
sync.aniview.com/ Frame 6858 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=13&key=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=8228494730
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.8.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-8-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-length
0
v1
match.sharethrough.com/sync/ Frame 6858 		68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=4329679810
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.157.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-157-165.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
no-cache
content-length
68
content-type
image/png
dcm
s.amazon-adsystem.com/ Frame 6858
Redirect Chain
  • https://s.ad.smaato.net/c/?dspInit=1001678&dspCookie=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=191282894
  • https://s.ad.smaato.net/c/?dspInit=1001678&dspCookie=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=191282894&cookieCheck=1
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=592dbee6
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=592dbee6
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NCA3TKKJ9V213GTFY880
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 13 Nov 2022 22:35:20 GMT
via
1.1 bf49d89d8a3c52a5998a7b465717a00e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=592dbee6
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
cd-YWobS1I4e5CWydmvJiAjUkowlUPaHM9lINGgWEyLfooa7TkUPDQ==
/
rtb-csync.smartadserver.com/redir/ Frame 6858 		43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=7609953384
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
RX-70318d75-bb28-4261-97c8-b744639a5d6b-005
csync.smilewanted.com/set_partner_userid_get/rhythmone/ Frame 6858 		0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rhythmone/RX-70318d75-bb28-4261-97c8-b744639a5d6b-005?rndcb=8084788680
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
769afadf0de529c0-ORD
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
us.gif
sync.go.sonobi.com/ Frame 6858 		49 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5754837818
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-106
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
r1
c.deployads.com/cs/ Frame 6858 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/r1?b=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=6478972426
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.12.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-12-27.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 6858 		43 B
981 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=6211115959
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 6858 		43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=8054&img=1&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=1777332789
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.138 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
205
content-length
43
/
sync.taboola.com/sg/rhythmone-network/1/rtb-h/ Frame 6858 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rhythmone-network/1/rtb-h/?taboola_hm=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=2039718803
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
42362
sync
partners.tremorhub.com/ Frame 6858 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRO=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=7408356627
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:6c23:5a2c:6d97:91e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sun, 13 Nov 2022 22:35:20 GMT
server
Apache-Coyote/1.1
content-type
image/gif
xuid
eb2.3lift.com/ Frame 6858 		37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4070&xuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&dongle=2dcc&rndcb=4681400400
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
fetch.pix
udmserve.net/udm/ Frame 6858 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?roid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=651524952
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
setuid
ib.adnxs.com/ Frame 6858 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=375&code=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=8736234180
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
AN-X-Request-Uuid
3de3f99b-1ca5-4193-a495-6d0d00af836d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
708547785164
sync.1rx.io/usersync3/acuityadsdsp// Frame 6858
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=34&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Facuityadsdsp%2F%2F___AUID___%3Fzcc%3D0%26sspret%3D1&rndcb=676...
  • https://sync.1rx.io/usersync3/acuityadsdsp//708547785164?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/acuityadsdsp//708547785164?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Access-Control-Allow-Origin
*
Location
https://sync.1rx.io/usersync3/acuityadsdsp//708547785164?zcc=0&sspret=1
Content-Length
0
3481187484987436450
sync.1rx.io/usersync3/adform// Frame 6858
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1262&redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fadform%2F%2F__ADFUID__%3Fzcc%3D0%26sspret%3D1&rndcb=8558289307
  • https://sync.1rx.io/usersync3/adform//3481187484987436450?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/adform//3481187484987436450?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://sync.1rx.io/usersync3/adform//3481187484987436450?zcc=0&sspret=1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
c1985aac076242d5a84e2abcba33ba3e
sync.1rx.io/usersync/admixerdsp/ Frame 6858
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=566E1BC0-12FE-4859-A973-45B6C91FB046&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync%2Fadmixerdsp%2F%24%24visitor_cookie%24%24&rndcb=3414362298
  • https://sync.1rx.io/usersync/admixerdsp/c1985aac076242d5a84e2abcba33ba3e
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/admixerdsp/c1985aac076242d5a84e2abcba33ba3e
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 13 Nov 2022 22:35:21 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://sync.1rx.io/usersync/admixerdsp/c1985aac076242d5a84e2abcba33ba3e
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
3466350839015920407
sync.1rx.io/usersync3/appnexus// Frame 6858
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=1422113363
  • https://sync.1rx.io/usersync3/appnexus//3466350839015920407?zcc=0&sspret=1&rndcb=1422113363
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/appnexus//3466350839015920407?zcc=0&sspret=1&rndcb=1422113363
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 13 Nov 2022 22:35:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a5af42de-7043-49a3-bf9e-69784da10304
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.1rx.io/usersync3/appnexus//3466350839015920407?zcc=0&sspret=1&rndcb=1422113363
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.html
public.servenobid.com/ Frame 6858 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public.servenobid.com/sync.html?redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fbeachside%2F%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=4571483868
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-23.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
AACws07G4uIAACCR69Mn3A
sync.1rx.io/usersync/beeswax/ Frame 6858
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ro?rndcb=1069533745
  • https://sync.1rx.io/usersync/beeswax/AACws07G4uIAACCR69Mn3A
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/beeswax/AACws07G4uIAACCR69Mn3A
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

location
https://sync.1rx.io/usersync/beeswax/AACws07G4uIAACCR69Mn3A
Date
Sun, 13 Nov 2022 22:35:21 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
1dfa079c-9b83-533e-a1dd-3d9dc2ac4cba
sync.1rx.io/usersync3/betweenx// Frame 6858
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44126&callback_url=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fbetweenx%2F%2F%24%7BUSER_ID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=963008015
  • https://sync.1rx.io/usersync3/betweenx//1dfa079c-9b83-533e-a1dd-3d9dc2ac4cba?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/betweenx//1dfa079c-9b83-533e-a1dd-3d9dc2ac4cba?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

location
https://sync.1rx.io/usersync3/betweenx//1dfa079c-9b83-533e-a1dd-3d9dc2ac4cba?zcc=0&sspret=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
646fd8ed-ac69-4a32-a122-20903ac4341c
sync.1rx.io/usersync/bidswitch/ Frame 6858
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=7565248655
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=646fd8ed-ac69-4a32-a122-20903ac4341c&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=adconductor&user_id=AUD9M5xiNlz2VIl7_ZU90
  • https://sync.1rx.io/usersync/bidswitch/646fd8ed-ac69-4a32-a122-20903ac4341c?gdpr=&gdpr_consent=
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/bidswitch/646fd8ed-ac69-4a32-a122-20903ac4341c?gdpr=&gdpr_consent=
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Location
//sync.1rx.io/usersync/bidswitch/646fd8ed-ac69-4a32-a122-20903ac4341c?gdpr=&gdpr_consent=
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
2fa5038f-0579-4836-b65c-1335814137e4
sync.1rx.io/usersync/bidtellect/ Frame 6858
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=f25db61a-4f72-43bf-894b-e4ad5f845495&secure=1&rndcb=2179708900
  • https://sync.1rx.io/usersync/bidtellect/2fa5038f-0579-4836-b65c-1335814137e4
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/bidtellect/2fa5038f-0579-4836-b65c-1335814137e4
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

x-servername
Track001-iad
pragma
no-cache
date
Sun, 13 Nov 2022 22:34:56 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
content-type
text/html; charset=utf-8
location
https://sync.1rx.io/usersync/bidtellect/2fa5038f-0579-4836-b65c-1335814137e4
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control
private,no-cache
content-length
193
expires
-1
9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553
sync.1rx.io/usersync3/centro// Frame 6858
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=1034645985
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=1034645985
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553&partner_url=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F%2F9e1cb20a-...
  • https://sync.1rx.io/usersync3/centro//9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553?zcc=0&sspret=1&rndcb=1034645985
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/centro//9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553?zcc=0&sspret=1&rndcb=1034645985
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

date
Sun, 13 Nov 2022 22:35:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://sync.1rx.io/usersync3/centro//9e1cb20a-e457-4f67-9c35-3dc329846db1-63717129-5553?zcc=0&sspret=1&rndcb=1034645985
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel.gif
aorta.clickagy.com/ Frame 6858 		0
0
AAAH33qDQkdOiwMAkSB8AAAAAAA
sync.1rx.io/usersync/conversant/ Frame 6858
Redirect Chain
  • https://unruly-match.dotomi.com/match/bounce/current?networkId=94316&version=1&nuid=%3CUNRULY_USERID%3E&rndcb=8040088116
  • https://unruly-match.dotomi.com/match/bounce/current?DotomiTest=4bf255d7b59163d&is_secure=true&networkId=94316&version=1&nuid=%3CUNRULY_USERID%3E&rndcb=8040088116
  • https://sync.1rx.io/usersync/conversant/AAAH33qDQkdOiwMAkSB8AAAAAAA?r=1&expiration=1668465321&nuid=%3CUNRULY_USERID%3E&is_secure=true&rndcb=8040088116
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/conversant/AAAH33qDQkdOiwMAkSB8AAAAAAA?r=1&expiration=1668465321&nuid=%3CUNRULY_USERID%3E&is_secure=true&rndcb=8040088116
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:21 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://sync.1rx.io/usersync/conversant/AAAH33qDQkdOiwMAkSB8AAAAAAA?r=1&expiration=1668465321&nuid=<UNRULY_USERID>&is_secure=true&rndcb=8040088116
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8
sync.1rx.io/usersync/convert/ Frame 6858
Redirect Chain
  • https://trc.taboola.com/sg/rhythm-ssp-network/1/rtb-h?taboola_hm=1&rndcb=2350217088
  • https://match.taboola.com/sg/rhythm-ssp-network/1/rtb-h?taboola_hm=1&tbid=52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8&query=taboola_hm%3D1%26rndcb%3D2350217088&isDirect=0
  • https://sync.1rx.io/usersync/convert/52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/convert/52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

x-cache-hits
0
date
Sun, 13 Nov 2022 22:35:21 GMT
via
1.1 varnish
server
nginx
x-timer
S1668378921.322807,VS0,VE2
x-cache
MISS
location
https://sync.1rx.io/usersync/convert/52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8
accept-ranges
bytes
content-length
0
x-served-by
cache-chi-klot8100048-CHI
d5f3e722aa17410ebce4d11d325baadd
sync.1rx.io/usersync3/crimtan// Frame 6858
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=23&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcrimtan%2F%2F%5Buser_id%5D%3Fzcc%3D0%26sspret%3D1&rndcb=5374458337
  • https://sync.1rx.io/usersync3/crimtan//d5f3e722aa17410ebce4d11d325baadd?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/crimtan//d5f3e722aa17410ebce4d11d325baadd?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:21 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://sync.1rx.io/usersync3/crimtan//d5f3e722aa17410ebce4d11d325baadd?zcc=0&sspret=1
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
146
match.deepintent.com/usersync/ Frame 6858 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/146?rndcb=2068019497
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 13 Nov 2022 22:35:21 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
05030002_637171286390e
sync.1rx.io/usersync3/dynadmic// Frame 6858
Redirect Chain
  • https://gu.dyntrk.com/adx/ro/us.php?dynk=rh4thm0n33&callback=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fdynadmic%2F%2F%24DYNADMIC_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=4371687271
  • https://gu.dyntrk.com/adx/ro/us.php?dynk=rh4thm0n33&callback=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fdynadmic%2F%2F%24DYNADMIC_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=4371687271&prevuid=05030002_63717...
  • https://sync.1rx.io/usersync3/dynadmic//05030002_637171286390e?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/dynadmic//05030002_637171286390e?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

date
Sun, 13 Nov 2022 22:35:21 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://sync.1rx.io/usersync3/dynadmic//05030002_637171286390e?zcc=0&sspret=1
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
3466350839015920407brt56801668378921585499b4
sync.1rx.io/usersync3/emx// Frame 6858
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Femx%2F%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=4845929657
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Femx%2F%2F%24EMXUID%3Fzcc%3D0%26sspret%3D1&b64_redirect=aHR0cHM6Ly9zeW5jLjFyeC5...
  • https://cs.emxdgt.com/umcheck?apnxid=3466350839015920407&redirect=https://sync.1rx.io/usersync3/emx//$EMXUID?zcc=0&sspret=1&b64_redirect=aHR0cHM6Ly9zeW5jLjFyeC5pby91c2Vyc3luYzMvZW14Ly8kRU1YVUlEP3pj...
  • https://sync.1rx.io/usersync3/emx//3466350839015920407brt56801668378921585499b4?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/emx//3466350839015920407brt56801668378921585499b4?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

location
https://sync.1rx.io/usersync3/emx//3466350839015920407brt56801668378921585499b4?zcc=0&sspret=1
date
Sun, 13 Nov 2022 22:35:21 GMT
content-length
0
content-type
text/html
100556db-b1b8-4709-bd17-f415fe8f25ce
sync.1rx.io/usersync3/improvedigital// Frame 6858
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1699&r=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fimprovedigital%2F%2F%7BPUB_USER_ID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=339836938
  • https://sync.1rx.io/usersync3/improvedigital//100556db-b1b8-4709-bd17-f415fe8f25ce?zcc=0&sspret=1&rndcb=339836938
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/improvedigital//100556db-b1b8-4709-bd17-f415fe8f25ce?zcc=0&sspret=1&rndcb=339836938
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

location
https://sync.1rx.io/usersync3/improvedigital//100556db-b1b8-4709-bd17-f415fe8f25ce?zcc=0&sspret=1&rndcb=339836938
access-control-allow-origin
*
date
Sun, 13 Nov 2022 22:35:19 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usermatch
ssum-sec.casalemedia.com/ Frame 6858 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Findex%2F%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=7904146361
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
/
csync.loopme.me/ Frame 6858 		0
0
c090527e-c8bb-4ae7-b840-988360fce03b
sync.1rx.io/usersync/mediaforce/ Frame 6858
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=rhythmone&ssp_user_id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5853630049
  • https://sync.1rx.io/usersync/mediaforce/c090527e-c8bb-4ae7-b840-988360fce03b
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/mediaforce/c090527e-c8bb-4ae7-b840-988360fce03b
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

location
//sync.1rx.io/usersync/mediaforce/c090527e-c8bb-4ae7-b840-988360fce03b
date
Sun, 13 Nov 2022 22:35:19 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
956e6371-7129-4f00-a890-627b6b8e9ca2
sync.1rx.io/usersync3/mediamathtest// Frame 6858
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=2441417468
  • https://sync.1rx.io/usersync3/mediamathtest//956e6371-7129-4f00-a890-627b6b8e9ca2?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/mediamathtest//956e6371-7129-4f00-a890-627b6b8e9ca2?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 13 Nov 2022 22:35:21 GMT
Server
MT3 4629 97bee97 master iad-pixel-x28 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.1rx.io/usersync3/mediamathtest//956e6371-7129-4f00-a890-627b6b8e9ca2?zcc=0&sspret=1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 13 Nov 2022 22:35:20 GMT
user-sync
sync.adkernel.com/ Frame 6858 		22 B
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=42861&r=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fnativeads%2F%2F%7BUID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7663775210
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Age
0
Content-Length
22
HOgpAizu1OUlzq5
sync.1rx.io/usersync3/oneview// Frame 6858
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=UNRULY&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Foneview%2F%2F_wfivefivec_%3Fzcc%3D0%26sspret%3D1&rndcb=1067785811
  • https://sync.1rx.io/usersync3/oneview//HOgpAizu1OUlzq5?zcc=0&sspret=1&rndcb=1067785811
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/oneview//HOgpAizu1OUlzq5?zcc=0&sspret=1&rndcb=1067785811
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0e1278699ff9cef01@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://sync.1rx.io/usersync3/oneview//HOgpAizu1OUlzq5?zcc=0&sspret=1&rndcb=1067785811
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
&rndcb=4758713279f055119c-1d39-452c-9911-39dc03e06a7f
sync.1rx.io/usersync/openx/ Frame 6858
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=23f8a601-6b3c-4339-9d30-d214c4518f2b&r=https%3A%2F%2Fsync.1rx.io%2Fusersync%2Fopenx%2F&rndcb=4758713279
  • https://sync.1rx.io/usersync/openx/&rndcb=4758713279f055119c-1d39-452c-9911-39dc03e06a7f
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/openx/&rndcb=4758713279f055119c-1d39-452c-9911-39dc03e06a7f
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

date
Sun, 13 Nov 2022 22:35:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.1rx.io/usersync/openx/&rndcb=4758713279f055119c-1d39-452c-9911-39dc03e06a7f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rDDwvHhuRyW6T86pUZbW
sync.1rx.io/usersync3/outbrain// Frame 6858
Redirect Chain
  • https://b1sync.zemanta.com/usersync/rhythmone/?cb=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Foutbrain%2F%2F__ZUID__%3Fzcc%3D0%26sspret%3D1&rndcb=1637019449
  • https://stags.bluekai.com/site/23178?id=rDDwvHhuRyW6T86pUZbW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS643ZNZRS4MLSPAXGS3ZPOVZWK4TTPFXGGMZPN52XIYTS...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS643ZNZRS4MLSPAXGS3ZPOVZWK4TTPFXGGMZPN52XIYTSMFUW4LZPOJCEI53WJBUHKUTZK43FIOBWOBKVUYSXH5SXQY3IMFXGOZJ5OJUHS5DINVXW4ZJGONZXA4TFOQ6TC...
  • https://sync.1rx.io/usersync3/outbrain//rDDwvHhuRyW6T86pUZbW?sspret=1&zcc=0
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/outbrain//rDDwvHhuRyW6T86pUZbW?sspret=1&zcc=0
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Content-Type
text/html; charset=utf-8
Location
https://sync.1rx.io/usersync3/outbrain//rDDwvHhuRyW6T86pUZbW?sspret=1&zcc=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
102
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Q7216653201746239856P
sync.1rx.io/usersync3/owneriq// Frame 6858
Redirect Chain
  • https://px.owneriq.net/ero?redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fowneriq%2F%2F%28OIQ_id%29%3Fzcc%3D0%26sspret%3D1&rndcb=5421784261
  • https://sync.1rx.io/usersync3/owneriq//Q7216653201746239856P?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/owneriq//Q7216653201746239856P?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 13 Nov 2022 22:35:21 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.1rx.io/usersync3/owneriq//Q7216653201746239856P?zcc=0&sspret=1
Content-Type
text/html
Cache-Control
max-age=74699
Connection
keep-alive
Content-Length
154
A08508D9-102C-4280-88EE-2D1A24469070
sync.1rx.io/usersync3/pubmatic// Frame 6858
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159277&pu=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fpubmatic%2F%2F%23PMUID%3Fzcc%3D0%26sspret%3D1&rndcb=3961577402
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTA4NTA4RDktMTAyQy00MjgwLTg4RUUtMkQxQTI0NDY5MDcw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync3/pubmatic//A08508D9-102C-4280-88EE-2D1A24469070?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/pubmatic//A08508D9-102C-4280-88EE-2D1A24469070?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:22 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

location
https://sync.1rx.io/usersync3/pubmatic//A08508D9-102C-4280-88EE-2D1A24469070?zcc=0&sspret=1
date
Sun, 13 Nov 2022 22:35:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
118
content-type
text/html; charset=utf-8
aSpTw72oBezE
sync.1rx.io/usersync3/pulse// Frame 6858
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560138&ev=1&daaqp=1&rurl=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fpulse%2F%2F%25%25VGUID%25%25%3Fzcc%3D0%26sspret%3D1&rndcb=2713846909
  • https://sync.1rx.io/usersync3/pulse//aSpTw72oBezE?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/pulse//aSpTw72oBezE?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://sync.1rx.io/usersync3/pulse//aSpTw72oBezE?zcc=0&sspret=1
content-language
en-US
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7bd458bbdd-tv5d9
expires
-1
WoCtBluCqA5B0PkAD4K3AQ-Bqw9BiqsDXddUwVi3
sync.1rx.io/usersync/quantcast/ Frame 6858
Redirect Chain
  • https://cms.quantserve.com/pixel/p-QcHdy7VcGLKJK.gif?idmatch=0&siteId=995936&rndcb=7076050353
  • https://sync.1rx.io/usersync/quantcast/WoCtBluCqA5B0PkAD4K3AQ-Bqw9BiqsDXddUwVi3?gdpr=0
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/quantcast/WoCtBluCqA5B0PkAD4K3AQ-Bqw9BiqsDXddUwVi3?gdpr=0
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.1rx.io/usersync/quantcast/WoCtBluCqA5B0PkAD4K3AQ-Bqw9BiqsDXddUwVi3?gdpr=0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
p121
rp.gwallet.com/r1/cm/ Frame 6858 		0
0
000000D2D12A01C2
sync.1rx.io/usersync3/resetdigital// Frame 6858
Redirect Chain
  • https://sync2.resetdigital.co/csync?pid=Unruly&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fresetdigital%2F%2FBUYER_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=4024651527
  • https://sync.1rx.io/usersync3/resetdigital//000000D2D12A01C2?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/resetdigital//000000D2D12A01C2?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 13 Nov 2022 22:35:21 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://sync.1rx.io/usersync3/resetdigital//000000D2D12A01C2?zcc=0&sspret=1
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
592dbee6
sync.1rx.io/usersync/smaato/ Frame 6858
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=u&redir=http%3A%2F%2Fsync.1rx.io%2Fusersync%2Fsmaato%2F%24UID?&rndcb=1012571224
  • https://sync.1rx.io/usersync/smaato/592dbee6?
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/smaato/592dbee6?
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

date
Sun, 13 Nov 2022 22:35:21 GMT
via
1.1 bf49d89d8a3c52a5998a7b465717a00e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
http://sync.1rx.io/usersync/smaato/592dbee6?
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
MD3EiCZOv0MxBnNZtyplf4CNrUsy-mKHevEUk3Hgs3GXxIQLcmMJ7A==
728114fc-63a3-11ed-aabe-12a4cdd40003
sync.1rx.io/usersync3/spotx// Frame 6858
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8801&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fspotx%2F%2F%24SPOTX_USER_ID%3Fzcc%3D0%26sspret%3D1&rndcb=1092398762
  • https://sync.1rx.io/usersync3/spotx//728114fc-63a3-11ed-aabe-12a4cdd40003?zcc=0&sspret=1
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/spotx//728114fc-63a3-11ed-aabe-12a4cdd40003?zcc=0&sspret=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

date
Sun, 13 Nov 2022 22:35:21 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
https://sync.1rx.io/usersync3/spotx//728114fc-63a3-11ed-aabe-12a4cdd40003?zcc=0&sspret=1
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
457
content-length
0
0-0697176f-cd14-48e3-5143-156ab4e96086$ip$104.237.193.29
sync.1rx.io/usersync/stackadapt/ Frame 6858
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=95&rndcb=2711789819
  • https://sync.1rx.io/usersync/stackadapt/0-0697176f-cd14-48e3-5143-156ab4e96086$ip$104.237.193.29
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/stackadapt/0-0697176f-cd14-48e3-5143-156ab4e96086$ip$104.237.193.29
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:22 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Location
https://sync.1rx.io/usersync/stackadapt/0-0697176f-cd14-48e3-5143-156ab4e96086$ip$104.237.193.29
Date
Sun, 13 Nov 2022 22:35:22 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
/
ffbtas.com/ Frame 6858
Redirect Chain
  • https://cs.ffbtas.com/usnci?i=1&ec=rhy&r=https%3A%2F%2Fsync.1rx.io%2Fusersync%2Ftlvmedia%2F&rndcb=1943594523
  • https://cs.ffbtas.com/
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
  • https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
0
0
8a252b93-28d3-40a0-bf24-181284989787
sync.1rx.io/usersync/tradedesk/ Frame 6858
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6867366732
  • https://sync.1rx.io/usersync/tradedesk/8a252b93-28d3-40a0-bf24-181284989787
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/tradedesk/8a252b93-28d3-40a0-bf24-181284989787
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.1rx.io/usersync/tradedesk/8a252b93-28d3-40a0-bf24-181284989787
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
%%TDID%%
sync.1rx.io/usersync/tradedesk/ Frame 6858 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/tradedesk/%%TDID%%?rndcb=6501569226
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/ Frame 6858
Redirect Chain
  • https://ad.turn.com/r/cs?pid=45&rndcb=5811971969
  • https://sync.1rx.io/usersync/turn/3847914353920511232?dspret=1&redir=http%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzg1MjQ2ODY4%2Fmpuid%2F%5BRX_UUID%5D&gdpr=&gdpr_consent=&us_privacy=
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:22 GMT
ETag
RX4e8c8a1a1fbc403e88be10c764fde675005
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
syncr
usr.undertone.com/userPixel/ Frame 6858 		0
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/syncr?gdpr=0&gdprstr=&partnerid=58&r=[RX_DSP_REDIR]&rndcb=2594323035
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:21 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
LJJhLEAQEI6a6tlOmLYtN-UOWlU9eolZvx20dHQRfeo0zza1tnPnAA==
y-IkVmDARE2oV1LsP1xH8cioJWuctyK7UDaPEe~A
sync.1rx.io/usersync/verizon/ Frame 6858
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=1471052996
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-IkVmDARE2oV1LsP1xH8cioJWuctyK7UDaPEe~A
  • https://sync.1rx.io/usersync/verizon/y-IkVmDARE2oV1LsP1xH8cioJWuctyK7UDaPEe~A
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/verizon/y-IkVmDARE2oV1LsP1xH8cioJWuctyK7UDaPEe~A
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:22 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:22 GMT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.1rx.io/usersync/verizon/y-IkVmDARE2oV1LsP1xH8cioJWuctyK7UDaPEe~A
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
user-sync
sync.adkernel.com/ Frame 6858 		22 B
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=83074&r=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fyieldnexus%2F%2F%7BUID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=555126539
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:22 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Age
0
Content-Length
22
2810035083213440694
sync.1rx.io/usersync/zeta/ Frame 6858
Redirect Chain
  • https://p.rfihub.com/cm?pub=28593&in=1&rndcb=1372478847
  • https://sync.1rx.io/usersync/zeta/2810035083213440694
43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/zeta/2810035083213440694
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:22 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Location
https://sync.1rx.io/usersync/zeta/2810035083213440694
Date
Sun, 13 Nov 2022 22:35:22 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
demconf.jpg
dpm.demdex.net/ Frame 6858
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005?rndcb=2812035874
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
54.148.144.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-144-255.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0759bae72.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/A8ZjmmNS8w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v041-023624cbc.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
7Wg1oa5OQc4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=461447&dpuuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
unruly
ids.ad.gt/api/v1/put/ Frame 6858 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/put/unruly?unruly_id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=3113421524
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:426:3f00:31cb:9e4b:85a9:ab59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 13 Nov 2022 22:35:22 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Transfer-Encoding
chunked
Expires
Mon, 14 Nov 2022 10:35:22 GMT
44416
tags.bluekai.com/site/ Frame 6858 		62 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/44416?id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=46501013
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.100.217 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 13 Nov 2022 22:35:22 GMT
content-length
62
content-type
image/gif
p
sb.scorecardresearch.com/ Frame 6858 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=6000004&c3=2&cs_xi=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=4316288141
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-43.jfk50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:19 GMT
via
1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
content-length
43
x-amz-cf-id
HIyyZg_TpMKY5xcOQUDqMHNo9_mCQN38C0S_ACnQopi2enIhBtoY9Q==
x-cache
Miss from cloudfront
content-type
image/gif
hbpix
idpix.media6degrees.com/orbserv/ Frame 6858 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idpix.media6degrees.com/orbserv/hbpix?pixId=851602&pcv=97&ptid=135&tpuv=01&tpu=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5156947994
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:4400::ac40:9602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
769afae89975e1e7-ORD
content-length
43
/
ps.eyeota.net/match/bounce/ Frame 6858
Redirect Chain
  • https://ps.eyeota.net/match?bid=d6m4omv&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=802455777
  • https://ps.eyeota.net/match/bounce/?bid=d6m4omv&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=802455777
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?bid=d6m4omv&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=802455777
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Server
3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-62-22.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 13 Nov 2022 22:35:22 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?bid=d6m4omv&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=802455777
Date
Sun, 13 Nov 2022 22:35:22 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
pixel
cm.g.doubleclick.net/ Frame 6858 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_hm=BXAxjXW7KEJhl8i3RGOaXWs&rndcb=6993521254
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 6858
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=541745869&pcid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5518732273
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=541745869&pcid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5518732273&ckls=true&ci=sXgo019YVb&nc=false&trid=12...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D541745869%26rnd%3D...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPhZ_nMQ43TX3hq1ZffXtr0&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7F503C195A22489792DD1D44FD930470
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=541745869&rnd=-1324732179&pcid=A08508D9-102C-4280-88EE-2D1A24469070
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D541745869%3B1402230080%26rnd%3D1349242518&pcid=...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=541745869;1402230080&rnd=1349242518&pcid=3466350839015920407
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D541745869%3B1402...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=201339086&mi=10&csh=541745869;1402230080;1709765917&rnd=1386105727&pcid=Y3FxKFOaQijXOw9VfulAuwAA%26549
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D541745869%3B1402230080%3B1709765917%3B201...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=541745869;1402230080;1709765917;201339086&rnd=-1566386350&pcid=2086264215600615833812
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D541745869%3B1...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618110e63fc8f&advId=100&advUuid=LAFXQDQC-C-2NT5&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LAFXQDQC-C-2NT5
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D54174...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=541745869;1402230080;1709765917;201339086;259151345;1725065545&rnd=-517808382&pcid=94c6e74e-2aca-4fb4-...
0
0
usermatch.gif
beacon.krxd.net/ Frame 6858 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=4573190879
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.160.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-160-212.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n005-ash-prod.krxd.net
date
Sun, 13 Nov 2022 22:35:22 GMT
cache-control
private, no-cache, no-store
x-request-time
D=109 t=1668378922
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
711061.gif
id.rlcdn.com/ Frame 6858 		42 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711061.gif?rndcb=613573616
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:22 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
396846.gif
idsync.rlcdn.com/ Frame 6858
Redirect Chain
  • https://idsync.rlcdn.com/709771.gif?partner_uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=4191508296
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=36a57e98-abcb-4127-9685-e0c79cc347db
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=36a57e98-abcb-4127-9685-e0c79cc347db
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:22 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 13 Nov 2022 22:35:22 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=36a57e98-abcb-4127-9685-e0c79cc347db
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
loadm.exelator.com/load/ Frame 6858 		124 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=1131&buid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=2091280135
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
application/x-javascript;charset=UTF-8
date
Sun, 13 Nov 2022 22:35:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
receive
pixel.tapad.com/idsync/ex/ Frame 6858
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3134&partner_device_id=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=1697023434
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dd6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3466350839015920407&pt=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3466350839015920407&pt=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:22 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Date
Sun, 13 Nov 2022 22:35:22 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
029188da-72c4-444f-8803-099b2cf5bc50
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3466350839015920407&pt=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A696 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
12494
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 19:07:05 GMT
etag
48472445140208031
expires
Mon, 14 Nov 2022 19:07:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6858 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf72ef4a78503597c7cec77730a8a7be3235d50790444cbdf41bf47d7a599785

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
sync.gif
dmp.truoptik.com/8bf33fe57526aec8/ Frame 6AF5
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=turn&id=8372312124404870238
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=turn&id=8372312124404870238&s_h=1
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=4b6d3f46-f7ff-43da-bc78-c442027ecfb5&rn=TIMESTAMP&cs_xs=2189&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1701
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1701
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/4b6d3f46-f7ff-43da-bc78-c442027ecfb5/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F
  • https://dmp.truoptik.com/8bf33fe57526aec8/sync.gif?fck=4b6d3f46-f7ff-43da-bc78-c442027ecfb5&dpid=1703&cbk=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.truoptik.com/8bf33fe57526aec8/sync.gif?fck=4b6d3f46-f7ff-43da-bc78-c442027ecfb5&dpid=1703&cbk=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Server
104.16.109.154 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
to-dmp-sync
s3a-dmp-use1-aws.truoptik.com
cf-cache-status
DYNAMIC
server
cloudflare
user-agent
Tru Optik DMP 1.3.1
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
cache-control
no-store
cf-ray
769afade9dce627b-ORD
x-xss-protection
1; mode=block
expires
0

Redirect headers

location
https://dmp.truoptik.com/8bf33fe57526aec8/sync.gif?fck=4b6d3f46-f7ff-43da-bc78-c442027ecfb5&dpid=1703&cbk=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 6AF5
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3057&partner_device_id=2331523891413183289
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3057&partner_device_id=2331523891413183289
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8a252b93-28d3-40a0-bf24-181284989787&ttd_puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8a252b93-28d3-40a0-bf24-181284989787&ttd_puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8a252b93-28d3-40a0-bf24-181284989787&ttd_puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
10.gif
id5-sync.com/c/224/429/0/ Frame 6AF5
Redirect Chain
  • https://id5-sync.com/s/224/9.gif?puid=8372312124404870238&gdpr_consent=&us_privacy=&gdpr=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/224/108/8/2.gif?puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOP6fgnmfPg3NGfc4A2QwyNlu5ww17hsA_XoYCgg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F224%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/224/124/7/3.gif?puid=100556db-b1b8-4709-bd17-f415fe8f25ce&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AACws07G4uIAACCR69Mn3A
  • https://ce.lijit.com/merge?pid=85&3pid=AACws07G4uIAACCR69Mn3A&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F1241%2F5%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/224/1241/5/5.gif?puid=FpYrdQZHtPzoiSclTbOgNJke&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F441%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/224/441/4/6.gif?puid=u_a760e794-7429-45dd-8676-745b657443c4&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/224/108/3/7.gif?puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AACws07G4uIAACCR69Mn3A
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F796%2F1%2F9.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/224/796/1/9.gif?puid=189ce4a1-43b0-4f8f-9664-1877bf46c91b&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F429%2F0%2F10.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/224/429/0/10.gif?puid=A08508D9-102C-4280-88EE-2D1A24469070&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/224/429/0/10.gif?puid=A08508D9-102C-4280-88EE-2D1A24469070&gdpr=0&gdpr_consent=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
HTTP/1.1
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sun, 13 Nov 2022 22:35:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/c/224/429/0/10.gif?puid=A08508D9-102C-4280-88EE-2D1A24469070&gdpr=0&gdpr_consent=
date
Sun, 13 Nov 2022 22:35:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
dcm
s.amazon-adsystem.com/ Frame 6AF5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=ccaeebfd-a5be-4ecd-b221-fe04680fd116&id=
  • https://s.amazon-adsystem.com/dcm?pid=ccaeebfd-a5be-4ecd-b221-fe04680fd116&id=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=ccaeebfd-a5be-4ecd-b221-fe04680fd116&id=&dcc=t
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FXXKFQD4K9K0TBX377PZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4JNM8P2THJ7P05T8RCX9
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=ccaeebfd-a5be-4ecd-b221-fe04680fd116&id=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
turn_sync
x.dlx.addthis.com/e/ Frame 6AF5 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/turn_sync?na_exid=8372312124404870238
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.100.217 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sun, 13 Nov 2022 22:35:20 GMT
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 6AF5 		43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6481&img=1&uid=8372312124404870238
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.138 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
401
content-length
43
u
dsp.v.fwmrm.net/ad/ Frame 6AF5 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.v.fwmrm.net/ad/u?nw=511940&dpid=511940&token=da3a55995538502bd55fb9a637e11943&buid=8372312124404870238
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f02:77d9:b48f:f0d0:e412 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 6AF5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8372312124404870238&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8372312124404870238&gdpr=&gdpr_consent=&C=1
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8372312124404870238&gdpr=&gdpr_consent=&C=1
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=4&external_user_id=8372312124404870238&gdpr=&gdpr_consent=&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
um
sync.teads.tv/ Frame 6AF5 		23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=11&uid=8372312124404870238
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.30.145 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-30-145.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sun, 13 Nov 2022 22:35:20 GMT
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6AF5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM3MjMxMjEyNDQwNDg3MDIzOA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFE8v5aTnQx2px4GF2lss8U&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFE8v5aTnQx2px4GF2lss8U&google_cver=1
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFE8v5aTnQx2px4GF2lss8U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bd
r.turn.com/r/ Frame 6AF5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://r.turn.com/r/bd?ddc=1&pid=54&cver=1&uid=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fr.turn.com%2Fr%2Fbd%3Fddc%3D1%26pid%3D54%26cver%3D1%26uid%3D%24UID
  • https://r.turn.com/r/bd?ddc=1&pid=54&cver=1&uid=3466350839015920407
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/bd?ddc=1&pid=54&cver=1&uid=3466350839015920407
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

Date
Sun, 13 Nov 2022 22:35:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6cd65556-7496-425c-8745-7a6578c482ce
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://r.turn.com/r/bd?ddc=1&pid=54&cver=1&uid=3466350839015920407
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/ Frame 6AF5 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=20&code=8372312124404870238
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
AN-X-Request-Uuid
289a157d-a199-4200-b905-93c597e8c2a8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 6AF5 		43 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=1&3pid=8372312124404870238
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 6AF5
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=302&user_id=8372312124404870238&expires=7&gdpr=&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8372312124404870238&seat_key=302&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8372312124404870238&seat_key=302&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Server
35.173.157.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-157-165.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8372312124404870238&seat_key=302&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Date
Sun, 13 Nov 2022 22:35:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
bpi.rtactivate.com/tag/ Frame 6AF5 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=16873&user_id=8372312124404870238
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.208.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-208-82.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
cksync.php
contextual.media.net/ Frame 6AF5 		45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=amb&ovsid=8372312124404870238
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 13 Nov 2022 22:35:20 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 13 Nov 2022 22:35:20 GMT
UserMatch.ashx
atemda.com/ Frame 6AF5 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atemda.com/UserMatch.ashx?bidderid=12&bidderuid=8372312124404870238
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=8372312124404870238&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.113.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.113.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
via
1.1 google
access-control-allow-methods
GET
p3p
CP="NOI DSP NID BUS UNI COM NAV INT STA OTC CURa ADMa DEVa PSAa PSDa OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 13 Nov 2022 22:35:20 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8509 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdd7vqkM00Mx_j_RRn7VBOoDM5cT75t0Ii6KdrDMV4ChEtZaihvie9xsbeVHRqC9djLBite0Tc5D8nQRv-xDm6mdw&sig=Cg0ArKJSzLUBCMp_O_WeEAE&cid=CAASFeRoFhJIA_dJv0AYYEJPXoC7oOCf4A&id=lidar2&mcvt=1086&p=538,1250,788,1550&mtos=1086,1086,1086,1086,1086&tos=1086,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3545206658&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668378918452&rpt=379&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A50C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1Pelv8W6kdeTZ6XsceRICaswQhh1Qz8Sv-Kz1szOs-qFdB2jFpmpdQz9FPJhOTB7h_vYPhm7uD6R0szZDWeBbLdrQfs_hApBTudfBC4v9ug2tXti7xtIrjmuS2bzxhJL-rcI&sai=AMfl-YR0WS2gfrJGk74NFwWGKzbJ5W9aqeWFmkFLO_-vOb6pEj09cGA91E_KTmEXD00w-MogSzvHF0n64TGBtP_-YnRruavBY02abJe-W9ZCQ_LOeicfCi7jTL0ax3WGbA&sig=Cg0ArKJSzOO-bjUmCcOIEAE&cid=CAQSOwDq26N9mTUC2VRvB_anvfzwih4uHPrUjR7fFzkzZDVy93pdVBDlX0bE3A7Cje6Ybt-r_fJpKOrA0iEKGAEgEw&id=ampim&o=315,193&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1137&mtos=0,0,0,1137,1137&tos=0,0,0,1137,0&tfs=345&tls=1482&g=100&h=100&tt=1482&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame D576
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3057&partner_device_id=2331523891413183289
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3057&partner_device_id=2331523891413183289
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8a252b93-28d3-40a0-bf24-181284989787&ttd_puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8a252b93-28d3-40a0-bf24-181284989787&ttd_puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8a252b93-28d3-40a0-bf24-181284989787&ttd_puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
dcm
s.amazon-adsystem.com/ Frame D576
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=ccaeebfd-a5be-4ecd-b221-fe04680fd116&id=
  • https://s.amazon-adsystem.com/dcm?pid=ccaeebfd-a5be-4ecd-b221-fe04680fd116&id=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=ccaeebfd-a5be-4ecd-b221-fe04680fd116&id=&dcc=t
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BPXVPWADX6HWRWGZPBHX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V9CG6VZT3T78Z7FZDS80
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=ccaeebfd-a5be-4ecd-b221-fe04680fd116&id=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/ Frame D576
Redirect Chain
  • https://sync.1rx.io/usersync/turn/3847914353920511232?dspret=1&redir=https%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzg1MjQ2ODY4%2Fmpuid%2F%5BRX_UUID%5D&gdpr=&gdpr_consent=&us_privacy=
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
ETag
RX4e8c8a1a1fbc403e88be10c764fde675005
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
tap.php
pixel.rubiconproject.com/ Frame D576 		42 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3847914353920511232&expires=60&gdpr=&gdpr_consent=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.gif
dmp.truoptik.com/8bf33fe57526aec8/ Frame D576
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=turn&id=3847914353920511232
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=turn&id=3847914353920511232&s_h=1
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=4b6d3f46-f7ff-43da-bc78-c442027ecfb5&rn=TIMESTAMP&cs_xs=2189&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1701
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1701
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/4b6d3f46-f7ff-43da-bc78-c442027ecfb5/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F
  • https://dmp.truoptik.com/8bf33fe57526aec8/sync.gif?fck=4b6d3f46-f7ff-43da-bc78-c442027ecfb5&dpid=1703&cbk=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx
0
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.truoptik.com/8bf33fe57526aec8/sync.gif?fck=4b6d3f46-f7ff-43da-bc78-c442027ecfb5&dpid=1703&cbk=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Server
104.16.109.154 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
to-dmp-sync
s3a-dmp-use1-aws.truoptik.com
cf-cache-status
DYNAMIC
server
cloudflare
user-agent
Tru Optik DMP 1.3.1
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
cache-control
no-store
cf-ray
769afade9dcd627b-ORD
x-xss-protection
1; mode=block
expires
0

Redirect headers

location
https://dmp.truoptik.com/8bf33fe57526aec8/sync.gif?fck=4b6d3f46-f7ff-43da-bc78-c442027ecfb5&dpid=1703&cbk=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
10.gif
id5-sync.com/c/224/429/0/ Frame D576
Redirect Chain
  • https://id5-sync.com/s/224/9.gif?puid=3847914353920511232&gdpr_consent=&us_privacy=&gdpr=
  • https://ce.lijit.com/merge?pid=1&3pid=3847914353920511232&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F1240%2F8%2F2.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_...
  • https://id5-sync.com/c/224/1240/8/2.gif?puid=FpYrdQZHtPzoiSclTbOgNJke&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOP6fgnmfPg3NGfc4A2QwyNlu5ww17hsA_XoYCgg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F224%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/224/124/7/3.gif?puid=100556db-b1b8-4709-bd17-f415fe8f25ce&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=8a252b93-28d3-40a0-bf24-181284989787&ttl=%%TTL%%
  • https://ce.lijit.com/merge?pid=27&3pid=8a252b93-28d3-40a0-bf24-181284989787&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F1245%2F5%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/224/1245/5/5.gif?puid=FpYrdQZHtPzoiSclTbOgNJke&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F434%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/224/434/4/6.gif?puid=4a835794-74c0-4aa8-945b-26bd565a9291&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F203%2F3%2F7.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/224/203/3/7.gif?puid=9beebe1b-2bc8-4709-8856-7fceb2e55cca&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AACws07G4uIAACCR69Mn3A
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F108%2F1%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/224/108/1/9.gif?puid=d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F224%2F429%2F0%2F10.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/224/429/0/10.gif?puid=A08508D9-102C-4280-88EE-2D1A24469070&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/224/429/0/10.gif?puid=A08508D9-102C-4280-88EE-2D1A24469070&gdpr=0&gdpr_consent=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
HTTP/1.1
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sun, 13 Nov 2022 22:35:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/c/224/429/0/10.gif?puid=A08508D9-102C-4280-88EE-2D1A24469070&gdpr=0&gdpr_consent=
date
Sun, 13 Nov 2022 22:35:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D576
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg0NzkxNDM1MzkyMDUxMTIzMg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFE8v5aTnQx2px4GF2lss8U&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFE8v5aTnQx2px4GF2lss8U&google_cver=1
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFE8v5aTnQx2px4GF2lss8U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55939/ Frame D576
Redirect Chain
  • https://pixel.advertising.com/ups/55939/sync?uid=3847914353920511232&_origin=1&gdpr=&gdpr_consent=&us_privacy=
  • https://ups.analytics.yahoo.com/ups/55939/sync?uid=3847914353920511232&_origin=1&gdpr=&gdpr_consent=&us_privacy=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55939/sync?uid=3847914353920511232&_origin=1&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55939/sync?uid=3847914353920511232&_origin=1&gdpr=&gdpr_consent=&us_privacy=
date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.25
content-length
394
content-language
en
xuid
eb2.3lift.com/ Frame D576
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3847914353920511232&dongle=d407
  • https://eb2.3lift.com/xuid?ld=1&mid=4771&xuid=3847914353920511232&dongle=d407&gdpr=0&cmp_cs=&us_privacy=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4771&xuid=3847914353920511232&dongle=d407&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=4771&xuid=3847914353920511232&dongle=d407&gdpr=0&cmp_cs=&us_privacy=
date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
merge
ce.lijit.com/ Frame D576
Redirect Chain
  • https://ce.lijit.com/merge?pid=1&3pid=3847914353920511232
  • https://ce.lijit.com/merge?pid=1&3pid=3847914353920511232&dnr=1
43 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=1&3pid=3847914353920511232&dnr=1
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
HTTP/1.1
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=1&3pid=3847914353920511232&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55939/ Frame D576 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55939/sync?uid=3847914353920511232&_origin=1&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame D576 		43 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=3847914353920511232&redirectID=0
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1668378920339088-300
cookie-sync
sync.outbrain.com/ Frame D576
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=302&user_id=3847914353920511232&expires=7&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=302&user_id=3847914353920511232&expires=7&gdpr=&gdpr_consent=
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=646fd8ed-ac69-4a32-a122-20903ac4341c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=646fd8ed-ac69-4a32-a122-20903ac4341c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
HTTP/1.1
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:20 GMT
Cache-Control
no-cache
X-TraceId
bd3d3c1f992866289f372da07e01bb71
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=646fd8ed-ac69-4a32-a122-20903ac4341c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Sun, 13 Nov 2022 22:35:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame D576 		43 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=32&partneruserid=3847914353920511232&gdpr=&gdpr_consent=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
um
sync.teads.tv/ Frame D576 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=11&uid=3847914353920511232
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.30.145 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-30-145.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Sun, 13 Nov 2022 22:35:20 GMT
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame D576
Redirect Chain
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3847914353920511232&gdpr=&gdpr_consent=&us_privacy=
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537073061&val=3847914353920511232&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537073061&val=3847914353920511232&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537073061&val=3847914353920511232&gdpr=&gdpr_consent=&us_privacy=
date
Sun, 13 Nov 2022 22:35:20 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
/
bpi.rtactivate.com/tag/ Frame D576 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=16873&user_id=3847914353920511232
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.208.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-208-82.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame D576 		0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=11274053&ext_id=[ext_id]
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3847914353920511232&mktid=2017&btp=45&sp=n&pid=45&nu=y&ctid=1&cyid=2&app=n&gdpr=&gdpr_consent=&us_privacy=&ssl=y&drvuid=2331523891413183289&bddc=n
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.64.77.76 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-77-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sat, 12 Nov 2022 22:35:20 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FDC9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/amobee/blocking_script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
496289
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 04:43:51 GMT
expires
Wed, 08 Nov 2023 04:43:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame ACFA 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
visit.js
tps.doubleverify.com/ Frame 967B 		2 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=569&ttfrms=47&brid=3&brver=107.0.5304.110&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD%3A%3E42DE%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauD%3A%3E42DE%5D4%40%3ETar9EEADTbpTauTau224c37da%60d45b53ae5g%60__e43%6046c%602_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=581&ddur=162&uid=1668378920044523&jsCallback=dvCallback_1668378920044317&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Faac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=10&brh=2&sdf=2&dvp_epl=215&noc=4&nav_pltfrm=Win32&ctx=499512&cmp=3352560&sid=turn&plc=33525601&adsrv=21&advid=2661345&turl=https%3A%2F%2Fsimcast.com&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_TF_TT=1&DVP_TF_CT=1&DVPX_TF_IP=%24!%7BBID_TIME_USER_IP%7D&DVPX_TF_IP6=2602%3Affc8%3A1%3A%3A&DVPX_TF_IP6_IMP=2602%3Affc8%3A1%3A1%3A%3A7&DVPX_TF_IMP_ID=2896496827964140638&DVP_TF_ADV_ID=1608812128&DVP_TF_IO_ID=1608836080&DVP_TF_LI_ID=1608856406&DVP_TF_INV_SRC_ID=158&DVP_TF_PUB_ID=1223411471&DVPX_TF_UA=Mozilla%252F5.0%2B%2528Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F107.0.5304.110%2BSafari%252F537.36&DVPX_TF_BID_TS=1668378917993&DVPX_TF_UID=8372312124404870238&DVP_TF_ENV=DESKTOP_WEB&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=16526.71773049842&dvp_tukv=14051500095.394629&dvp_uuid=7838910866.113141&dvp_strhd=0.5999994277954102&dvpx_strhd=0.5999994277954102&dvp_tuid=152543727418
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/amobee/blocking_script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.86 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb116.doubleverify.com
Software
/
Resource Hash
6b9a76b0d664ada7d9a853d3014f297b74c46aaba532f412c9325435489f4be0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:34:53 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Expires
11/12/2022 22:35:23
all
csm.us.criteo.net/ Frame B11B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=Av_-Cv7IxGoJ1inCMgmkbZSAUyY49AlV0huUhJlqg1K3OVckj-kGHNOtdj8cia1gjtOW0QsRla0mJsMsAoL115_13TH3VbwU_FOZvD9-4HBvCwGPhINgtPcVgnj2tFgb9HQxlWW9ibW12J0hCrsJAboPHH8BQJryVek8Qj5lCZhqhIuY49CjavFLOuYdkLO1RBi-TyE6Duvi62OSK6nRJlSvy00s_bmb543hSSe08DjqL75u7vCumBpcqyrcMGWqGTqNbQ&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y3FxJQAMiwoITwcFAAksBj19V4-cA7M6HJmWhg&u=%7CBZYCYyJ2wHyYODZ4vUZXzZSkMkHDnGbqu66NzC9B9YM%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSORU0Czg3jKSfbBp90MLS0g-bYZvVZyAZxc7NvCulF-oEEghKE9jVcyQIpt2kKAXTQNQt5OLhbbVmLFazJrmlO47phj0bHTsAX_MW9j9vAqfTUEpasWOfnSgukvpy1xrvnOKyQNRHX4-ljgWjH5-qzYejyPUWlhfVJr2QEOWZK2j5wiIwOAwT0BQWqMkPaZ7ouY8ExhvIA1QYHkMf-BcbD3NYwWHHLaYeQHchQuxszLBjLR6d9SPaqR-xjcNV4QuXGVchc8Oh8m3duzs9cY68rYAt9w51duD-v_kOLuys-0oqcNaReJzt20ajDRaKDQO0XpLMhnxvz17z7dUc9wgf3w4XKDOZWbyzYpZXe3vDDKgu1BeOJoRgJ4Ed8ss6MBSwiQ8DJVDFxqoEhZ7iMypE2ezMOQbYwlxyk2pfDxoDkKIFve3vLOP46kncn461Os89G6G5-2pVT7c80giGelFw7wjFo6PElbQ4RpJEGMAuDsuYnv7vMbIf-YIK57valKqJPmENkrZYluSvU86_rA0J6AKNWyERZShM3jjF1vi45PYyEtet64GZhaZjNWuXGI6QANXnXN6bkoNubzYHZxfWiBjYLCBmeSg7Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1F69JXFxY4qWMoWOvPIPhtik6A2cge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItMTA2Mjk3Mjg2MTU1MzMwM8gBCeACAKgDAaoE-gFP0E1Y_Ty0wANP-Q_bMzr_dpk2Fq0qRc-ncA_3XH8wQ0RVOaa3INpK0YdauRlA1sk0A5eLgGEx-RJWoFeuR4ErmfWB6M9wRYAiNeKOmdPGFY6f9B5cqmEhliNjrcVUTlioxV75fSxxhY6-xQFkliV3QWAZZqr8AHBJJsA-oJBhAKqm5fk6Jon8_oEwCCjLeYcGZnU89JHqOjqguGv5PsVpGPsmMFiJtsnouzF-RYaaUqmfzT2TcH3ow9fozGnFJA6Zyf3n8l-0gI-1S4ADJS-DGI1DwhMM0vY-518WXsZEsaDkWmlvI8wXduabFYTB9R5yMp-TQj9loQ_M4AQBgAbX-9b88eXynaQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lFLlH00ng1GwgH4EsKYYt5eCsUA%26client%3Dca-pub-1062972861553303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 13 Nov 2022 22:35:19 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
pixel
cm.g.doubleclick.net/ Frame B419
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESEO-tDoWRNRjYt7h93oPkuoo&google_cver=1&google_push=ASkJ3FafXTAikMOL_E_NbAiPr2Bicq00dCtTnRVi4xheV13OPcyKGHtzqyObYek4MxkRIPku5KZNhxJ2w0OjlCmhZUlrVSpt1EJS
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dASkJ3FafXTAikMOL_E_NbAiPr2Bicq00dCtTnRVi4xheV13OPcyKGHtzqyObYek4MxkRI...
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=ASkJ3FafXTAikMOL_E_NbAiPr2Bicq00dCtTnRVi4xheV13OPcyKGHtzqyObYek4MxkRIPku5KZNhxJ2w0OjlCmhZUlrVSpt1EJS&google_cver=1&googl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=ASkJ3FafXTAikMOL_E_NbAiPr2Bicq00dCtTnRVi4xheV13OPcyKGHtzqyObYek4MxkRIPku5KZNhxJ2w0OjlCmhZUlrVSpt1EJS&google_cver=1&google_gid=CAESEO-tDoWRNRjYt7h93oPkuoo&google_hm=UTcyMTY2NTMyMDE3NDYyMzk4NTY=
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=ASkJ3FafXTAikMOL_E_NbAiPr2Bicq00dCtTnRVi4xheV13OPcyKGHtzqyObYek4MxkRIPku5KZNhxJ2w0OjlCmhZUlrVSpt1EJS&google_cver=1&google_gid=CAESEO-tDoWRNRjYt7h93oPkuoo&google_hm=UTcyMTY2NTMyMDE3NDYyMzk4NTY=
Content-Type
text/html
Cache-Control
max-age=76882
Connection
keep-alive
Content-Length
154
i.match
s.tribalfusion.com/z/ Frame B419
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEM1IE85dTiiWbuDcPCrNTmg&google_cver=1&google_push=ASkJ3Fb6tgO-kVgvwYgB_xUuBEIesCFRAwyxqd9b5i3xLU2rv5UOKL-9cNiIhNd-amf6qeuvuI7vDjPeKWte1W4wXQbxsEDRFnrS&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM1IE85dTiiWbuDcPCrNTmg&google_cver=1&google_push=ASkJ3Fb6tgO-kVgvwYgB_xUuBEIesCFRAwyxqd9b5i3xLU2rv5UOKL-9cNiIhNd-amf6qeuvuI7vDjPeKWte1W4wXQbxsEDRFnr...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM1IE85dTiiWbuDcPCrNTmg&google_cver=1&google_push=ASkJ3Fb6tgO-kVgvwYgB_xUuBEIesCFRAwyxqd9b5i3xLU2rv5UOKL-9cNiIhNd-amf6qeuvuI7vDjPeKWte1W4wXQbxsEDRFnrS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb6tgO-kVgvwYgB_xUuBEIesCFRAwyxqd9b5i3xLU2rv5UOKL-9cNiIhNd-amf6qeuvuI7vDjPeKWte1W4wXQbxsEDRFnrS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
769afadb9b1b8708-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
677
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM1IE85dTiiWbuDcPCrNTmg&google_cver=1&google_push=ASkJ3Fb6tgO-kVgvwYgB_xUuBEIesCFRAwyxqd9b5i3xLU2rv5UOKL-9cNiIhNd-amf6qeuvuI7vDjPeKWte1W4wXQbxsEDRFnrS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb6tgO-kVgvwYgB_xUuBEIesCFRAwyxqd9b5i3xLU2rv5UOKL-9cNiIhNd-amf6qeuvuI7vDjPeKWte1W4wXQbxsEDRFnrS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
769afadafa038708-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B419
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMjRLLNgah97MqRFAUurvfc&google_cver=1&google_push=ASkJ3FapLuDdXu0Rg0CaOjb922Ql27iMIcALHPEQfaM58JFS0ROicvRSXrXIcCs-f3UAcoRdNiO8HyJfd7...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMjRLLNgah97MqRFAUurvfc&google_cver=1&google_push=ASkJ3FapLuDdXu0Rg0CaOjb922Ql27iMIcALHPEQfaM58JFS0ROicvRSXrXIcCs-f3UAcoRdNiO8HyJfd7...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=ASkJ3FapLuDdXu0Rg0CaOjb922Ql27iMIcALHPEQfaM58JFS0ROicvRSXrXIcCs-f3UAcoRdNiO8HyJfd7bLTj5Yoo_Y9q4YF84&google_hm=MDUwMzAwMDJfNjM3MTcx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=ASkJ3FapLuDdXu0Rg0CaOjb922Ql27iMIcALHPEQfaM58JFS0ROicvRSXrXIcCs-f3UAcoRdNiO8HyJfd7bLTj5Yoo_Y9q4YF84&google_hm=MDUwMzAwMDJfNjM3MTcxMjg2MzkwZQ%3D%3D
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 13 Nov 2022 22:35:20 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=ASkJ3FapLuDdXu0Rg0CaOjb922Ql27iMIcALHPEQfaM58JFS0ROicvRSXrXIcCs-f3UAcoRdNiO8HyJfd7bLTj5Yoo_Y9q4YF84&google_hm=MDUwMzAwMDJfNjM3MTcxMjg2MzkwZQ%3D%3D
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
pixel
cm.g.doubleclick.net/ Frame B419
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMsSd_bJl1_tk_dcRzVJlEg&google_cver=1&google_push=ASkJ3FbmSsD7xt4CPJL-HhpfMKkHGccInsNyrwUuAPR0AApQmtvb7QEMn-GmwyJEh-SQNNQFOTwtDN8R80q00tGW-j9n-Xo...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FbmSsD7xt4CPJL-HhpfMKkHGccInsNyrwUuAPR0AApQmtvb7QEMn-GmwyJEh-SQNNQFOTwtDN8R80q00tGW-j9n-XoSRl8i&google_hm=NDU2MDcwMTM2MjA4ODA4MD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FbmSsD7xt4CPJL-HhpfMKkHGccInsNyrwUuAPR0AApQmtvb7QEMn-GmwyJEh-SQNNQFOTwtDN8R80q00tGW-j9n-XoSRl8i&google_hm=NDU2MDcwMTM2MjA4ODA4MDE5Ng%3D%3D
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 13 Nov 2022 22:35:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FbmSsD7xt4CPJL-HhpfMKkHGccInsNyrwUuAPR0AApQmtvb7QEMn-GmwyJEh-SQNNQFOTwtDN8R80q00tGW-j9n-XoSRl8i&google_hm=NDU2MDcwMTM2MjA4ODA4MDE5Ng%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame B419
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEN9ixVPdn3QKzh2n6rQ1D04&google_cver=1&google_push=ASkJ3FZXqGc0EgfaOhmXIJrUbb1G3Ffw302_RdvayPvK7_xdNXbBDRUdPvg2Spu1Zgk5RW-pis_IuN5fhhRCZfakWtRxSg8vrT3s
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZXqGc0EgfaOhmXIJrUbb1G3Ffw302_RdvayPvK7_xdNXbBDRUdPvg2Spu1Zgk5RW-pis_IuN5fhhRCZfakWtRxSg8vrT3s&google_hm=a5e90b5145ad4e46c20...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZXqGc0EgfaOhmXIJrUbb1G3Ffw302_RdvayPvK7_xdNXbBDRUdPvg2Spu1Zgk5RW-pis_IuN5fhhRCZfakWtRxSg8vrT3s&google_hm=a5e90b5145ad4e46c202793b4d6b11a3
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZXqGc0EgfaOhmXIJrUbb1G3Ffw302_RdvayPvK7_xdNXbBDRUdPvg2Spu1Zgk5RW-pis_IuN5fhhRCZfakWtRxSg8vrT3s&google_hm=a5e90b5145ad4e46c202793b4d6b11a3
date
Sun, 13 Nov 2022 22:35:20 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame B419
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEKMfqj-V_RNMdLsaZ8LuKz8&google_cver=1&google_push=ASkJ3FZv_ntxKWyhSWFc_bLANfOlfdiR8icglgUeuZG_QAB5Pfc4TfeYNrC8FPTp6PJAAJhlOEjRS4hEZbWARRINRCO2tQj8LN25fg
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FZv_ntxKWyhSWFc_bLANfOlfdiR8icglgUeuZG_QAB5...
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOP6fgnmfPg3NGfc4A2QwyNlu5ww17hsA_XoYCgg&google_push=ASkJ3FZv_ntxKWyhSWFc_bLANfOlfdiR8icglgUeuZG_QAB5Pfc4TfeYNrC8FPTp6PJAAJhlOEjRS4hEZbWARRINRCO2...
  • https://cm.g.doubleclick.net/pixel?google_hm=hkB8J0qxD17FNSWKmpTy&google_push=ASkJ3FZv_ntxKWyhSWFc_bLANfOlfdiR8icglgUeuZG_QAB5Pfc4TfeYNrC8FPTp6PJAAJhlOEjRS4hEZbWARRINRCO2tQj8LN25fg&google_nid=inmob...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=hkB8J0qxD17FNSWKmpTy&google_push=ASkJ3FZv_ntxKWyhSWFc_bLANfOlfdiR8icglgUeuZG_QAB5Pfc4TfeYNrC8FPTp6PJAAJhlOEjRS4hEZbWARRINRCO2tQj8LN25fg&google_nid=inmobi_new_eb
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=hkB8J0qxD17FNSWKmpTy&google_push=ASkJ3FZv_ntxKWyhSWFc_bLANfOlfdiR8icglgUeuZG_QAB5Pfc4TfeYNrC8FPTp6PJAAJhlOEjRS4hEZbWARRINRCO2tQj8LN25fg&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
227
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame B419
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FZduUKGPEKdrXBmSGtvsW6By9jeoPpDjOxl...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FZduUKGPEKdrXBmSGtvsW6By9jeoP...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=08f8f50f-06db-4e9c-ab8a-cbe1b4e9ff6e&&google_push=ASkJ3FZduUKGPEKdrXBmSGtvsW6By9jeoPpDjOxlNgrRGqrauyw5vpLf76yFWWMcz_UTa_k_de...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=08f8f50f-06db-4e9c-ab8a-cbe1b4e9ff6e&&google_push=ASkJ3FZduUKGPEKdrXBmSGtvsW6By9jeoPpDjOxlNgrRGqrauyw5vpLf76yFWWMcz_UTa_k_deipoU7Lb3AlssOT1bmWbafpz-G_dw
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=08f8f50f-06db-4e9c-ab8a-cbe1b4e9ff6e&&google_push=ASkJ3FZduUKGPEKdrXBmSGtvsW6By9jeoPpDjOxlNgrRGqrauyw5vpLf76yFWWMcz_UTa_k_deipoU7Lb3AlssOT1bmWbafpz-G_dw
Date
Sun, 13 Nov 2022 22:35:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame B419 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXFa5DYtUORpTnB_3M880Y3V75jHpYnVh1iuPtfd3MJQ8f-4dUtw_y5HAPN1-4QRUPd60xc3A
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FBD4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/amobee/blocking_script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
496289
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 04:43:51 GMT
expires
Wed, 08 Nov 2023 04:43:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
visit.js
tps.doubleverify.com/ Frame 9C72 		2 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=348&ttfrms=12&brid=3&brver=107.0.5304.110&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD%3A%3E42DE%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauD%3A%3E42DE%5D4%40%3ETar9EEADTbpTauTau224c37da%60d45b53ae5g%60__e43%6046c%602_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=582&ddur=155&uid=1668378920102519&jsCallback=dvCallback_1668378920102842&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Faac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=10&brh=2&sdf=2&dvp_epl=215&noc=4&nav_pltfrm=Win32&ctx=499512&cmp=3352560&sid=turn&plc=33525601&adsrv=21&advid=2661345&turl=https%3A%2F%2Fsimcast.com&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_TF_TT=1&DVP_TF_CT=1&DVPX_TF_IP=%24!%7BBID_TIME_USER_IP%7D&DVPX_TF_IP6=2602%3Affc8%3A1%3A%3A&DVPX_TF_IP6_IMP=2602%3Affc8%3A1%3A1%3A%3A7&DVPX_TF_IMP_ID=3545328753956556032&DVP_TF_ADV_ID=1608812128&DVP_TF_IO_ID=1608836080&DVP_TF_LI_ID=1608856406&DVP_TF_INV_SRC_ID=158&DVP_TF_PUB_ID=1223411471&DVPX_TF_UA=Mozilla%252F5.0%2B%2528Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F107.0.5304.110%2BSafari%252F537.36&DVPX_TF_BID_TS=1668378918085&DVPX_TF_UID=3847914353920511232&DVP_TF_ENV=DESKTOP_WEB&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=289058229603.86945&dvp_tukv=39277081523.05806&dvp_uuid=829809900977.6548&dvp_strhd=0.3000001907348633&dvpx_strhd=0.3000001907348633&dvp_tuid=1356124152554
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/amobee/blocking_script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.86 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb116.doubleverify.com
Software
/
Resource Hash
8f16f16ae2093b7ea1bb38f33aeeb16add79586fc973f82f33b40e955484b7d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:34:43 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Expires
11/12/2022 22:35:22
cap
choices-or.trustarc.com/ Frame ACFA 		43 B
871 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices-or.trustarc.com/cap?pid=tradedesk01&aid=tradedesk01&cid=3u579qr_xejceum_2zxxzb3e&w=640&h=480
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.149.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-149-48.compute-1.amazonaws.com
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A696
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFE8v5aTnQx2px4GF2lss8U&google_cver=1&google_push=ASkJ3FYKx9dRo0CF87nWTeW2WLCnaRQ-W2SeZGt78X3tmFcwWZprDeU-B3RJRieYgLcgEq32dJT7F_M7EENPD9nbKy6bkhwPgY8
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg0NzkxNDM1MzkyMDUxMTIzMg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFE8v5aTnQx2px4GF2lss8U&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFE8v5aTnQx2px4GF2lss8U&google_cver=1
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 13 Nov 2022 22:35:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFE8v5aTnQx2px4GF2lss8U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A696
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBXhlc9_Sm9FqbPVLcjRzgw&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBXhlc9_Sm9FqbPVLcjRzgw&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SE9ncEFpenUxT1VsenE1&google_gid=CAESEBXhlc9_Sm9FqbPVLcjRzgw&google_cver=1&google_push=ASkJ3Fb7bczdWW5RQBfrYBscqfSHCUd6rX_arq5jPArc-sV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SE9ncEFpenUxT1VsenE1&google_gid=CAESEBXhlc9_Sm9FqbPVLcjRzgw&google_cver=1&google_push=ASkJ3Fb7bczdWW5RQBfrYBscqfSHCUd6rX_arq5jPArc-sVfvV-NH9Zck1-1totfO_phKjs8DyBBasjN-0AZ_bNNuXUg5udBW_Y
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:19 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-084cd5c5fedf056ac@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SE9ncEFpenUxT1VsenE1&google_gid=CAESEBXhlc9_Sm9FqbPVLcjRzgw&google_cver=1&google_push=ASkJ3Fb7bczdWW5RQBfrYBscqfSHCUd6rX_arq5jPArc-sVfvV-NH9Zck1-1totfO_phKjs8DyBBasjN-0AZ_bNNuXUg5udBW_Y
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A696
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEH1wm2dfdSr3lHhW1CAYeuo&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTM3NDc0MmItZGQ0Ni00YzU1LTg5NmMtZWFhYjY1ODdjYzc3&google_gid=CAESEH1wm2dfdSr3lHhW1CAYeuo&google_cver=1&google_push=ASkJ3FYF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTM3NDc0MmItZGQ0Ni00YzU1LTg5NmMtZWFhYjY1ODdjYzc3&google_gid=CAESEH1wm2dfdSr3lHhW1CAYeuo&google_cver=1&google_push=ASkJ3FYFnn_ryfBzICZKJdaRuIckQFYED4q-gVZfFvHa1Zdi7u8m_ko0CzeEhzHskjBTmoEjInxWl91GTrkb3R2FpmHrDNkGEQ
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTM3NDc0MmItZGQ0Ni00YzU1LTg5NmMtZWFhYjY1ODdjYzc3&google_gid=CAESEH1wm2dfdSr3lHhW1CAYeuo&google_cver=1&google_push=ASkJ3FYFnn_ryfBzICZKJdaRuIckQFYED4q-gVZfFvHa1Zdi7u8m_ko0CzeEhzHskjBTmoEjInxWl91GTrkb3R2FpmHrDNkGEQ
date
Sun, 13 Nov 2022 22:35:20 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A696
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL4wMWdNzfnBLXfPj2g-TTQ&google_cver=1&google_push=ASkJ3FaU8oD-ZlKzKf0MKvV87epCNOw6Bf-atsucQnkPzp_HiTYzqda6tp7oL01SXIzBABUixoa...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWFFEUkwtMjUtNU1VMw==&google_push=ASkJ3FaU8oD-ZlKzKf0MKvV87epCNOw6Bf-atsucQnkPzp_HiTYzqda6tp7oL01SXIzBABUixoa9UROdbwENa95qp5JRnx9eMeQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWFFEUkwtMjUtNU1VMw==&google_push=ASkJ3FaU8oD-ZlKzKf0MKvV87epCNOw6Bf-atsucQnkPzp_HiTYzqda6tp7oL01SXIzBABUixoa9UROdbwENa95qp5JRnx9eMeQ
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWFFEUkwtMjUtNU1VMw==&google_push=ASkJ3FaU8oD-ZlKzKf0MKvV87epCNOw6Bf-atsucQnkPzp_HiTYzqda6tp7oL01SXIzBABUixoa9UROdbwENa95qp5JRnx9eMeQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
pixel
cm.g.doubleclick.net/ Frame A696
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEFjSa2A6ZrEZzeSgC1ngGQw&google_cver=1&google_push=ASkJ3FZEjRoREnxIDq70Ag5mqQZL6os0SR5Lzf7x2CDZitUUXluMzCi4jm7aM4CRvNu8paA8c1CUfTLt048TkptNipVOyQM...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=OTE3ZWNhMjRlZDc2NDEzZmJhZTY3OThhN2ZjZDk1YWY%3D&UIDF=CAESEFjSa2A6ZrEZzeSgC1ngGQw&google_cver=1&google_push=ASkJ3FZEjRoREnxIDq70Ag5mqQZL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=OTE3ZWNhMjRlZDc2NDEzZmJhZTY3OThhN2ZjZDk1YWY%3D&UIDF=CAESEFjSa2A6ZrEZzeSgC1ngGQw&google_cver=1&google_push=ASkJ3FZEjRoREnxIDq70Ag5mqQZL6os0SR5Lzf7x2CDZitUUXluMzCi4jm7aM4CRvNu8paA8c1CUfTLt048TkptNipVOyQM-UkQ
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=OTE3ZWNhMjRlZDc2NDEzZmJhZTY3OThhN2ZjZDk1YWY%3D&UIDF=CAESEFjSa2A6ZrEZzeSgC1ngGQw&google_cver=1&google_push=ASkJ3FZEjRoREnxIDq70Ag5mqQZL6os0SR5Lzf7x2CDZitUUXluMzCi4jm7aM4CRvNu8paA8c1CUfTLt048TkptNipVOyQM-UkQ
date
Sun, 13 Nov 2022 22:35:20 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pub
cs.chocolateplatform.com/ Frame A696 		0
0
pixel
cm.g.doubleclick.net/ Frame A696
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEN9ixVPdn3QKzh2n6rQ1D04&google_cver=1&google_push=ASkJ3Fb4983c7wBulcjh934Z9hu93rKOwET9C_qTli5uzcprMbMlG6jNAppC9DhLMP0iN_qqMW015722DY1hifqRj-k2zQBgg-k
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fb4983c7wBulcjh934Z9hu93rKOwET9C_qTli5uzcprMbMlG6jNAppC9DhLMP0iN_qqMW015722DY1hifqRj-k2zQBgg-k&google_hm=7ef9d2a7fc00ab515a00...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fb4983c7wBulcjh934Z9hu93rKOwET9C_qTli5uzcprMbMlG6jNAppC9DhLMP0iN_qqMW015722DY1hifqRj-k2zQBgg-k&google_hm=7ef9d2a7fc00ab515a00594b4f3081f5
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3Fb4983c7wBulcjh934Z9hu93rKOwET9C_qTli5uzcprMbMlG6jNAppC9DhLMP0iN_qqMW015722DY1hifqRj-k2zQBgg-k&google_hm=7ef9d2a7fc00ab515a00594b4f3081f5
date
Sun, 13 Nov 2022 22:35:20 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
attr
cm.g.doubleclick.net/pixel/ Frame A696 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KBo8OaNOGfb6jsZNqHjLN06g5D9pknOH99RwkIqjefbrTsxwglQ3MOkcdOvjWjHoW86Wwe
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
usync.html
eus.rubiconproject.com/ Frame 8E3C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d29xw9s9x32j3w.cloudfront.net
URL: https://d29xw9s9x32j3w.cloudfront.net/players/library/prebid/6.12.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://simcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 13 Nov 2022 22:35:20 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame FDC9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 19:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Nov 2023 19:46:19 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame FBD4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 19:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Nov 2023 19:46:19 GMT
usync.js
eus.rubiconproject.com/ Frame 8E3C 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5c835707a9c6d6bbf26cb49111c349e9f78fff5c373b94b82cc6857ad0374c8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:20 GMT
Content-Encoding
gzip
Last-Modified
Sun, 13 Nov 2022 19:32:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75404
Connection
keep-alive
Content-Length
9884
Expires
Mon, 14 Nov 2022 19:32:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FDC9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnGdbJ3FxY96wDMP7owab-JOABQAAAAA4AeAEAg&bg=!RUalRgLNAAbvMpMzzzI7ACkAdvg8Wskh2QJQnHs_nWkjnAyf3njDjSmohPDIlb10Gnwo7agV7hGkFQIAAAC2UgAAAANoAQcKAC9kWuXdI_MdBWLQ8NytK8kltErsU1M-9uShJmgkAdZTx39mqXP9X8UXuTJT9OgGGJkC8YCOaRKenCJTJhG77zA4quxYNCq4ZPeSwvsazNGuXFFC4LPzQmO2MQLbBjnTDg4_xsRKa35fGCMqQ7FQ4BnUdPqC95C-9KF6cqNTbDhs3gC6W3LPL0XN1GTwQtr-KAAopdMoPRsky5m2TqmPadhdRJtg6psBsg6GghjpA5nqyupC1H5rpp6Ijry4tiKySWuNDEboNwOi6TmQzST1kB_tqttY-fArK6rXhzcnRkaY-A1T1ZsDoVQqOZKc_fN6tEFu-bgCKNkQhkIZczlCpNYW6YXd0Fg0IAPJ1xu4AZzfcf6cuGYYB6OAZFd0st_nCK5W1_uxxybb0iUJdekoIO7z_tOZHRRkZCNGHLfDcdCY-rvk3Kr-W0uItUqm965C165VVEqy_ntY8Lk3otpzIy4jqDSINe8CRndwpV0K8VixsWXMQXnzUakPDnf6UYmMM5eHgaf0sCePMB3hH40sYiH-zlUxt0Z2T0YeRB8YyQ4XIoX6DF3_twheiI68bA9XTTG--0Uzzn8o79p6oohw2hNIWCTFXZ7bGNkNQupF2PuE6aTTw2wi5rHkc7_9eC1azgOSLh7mLbqyR6_K4FK7WZ4vRk4R5yQO__0Qav5kiNFRwkVF1e7tSzj2ADqmnCyr8fCtyvJI1gmvuBw4Qbc5SgA73KVS8nFmUFCrWFU0KvdGLzW-3j1h2gLZpsQyVGqDst1Ntdh1mEZpi7N4M3m64S-TTjAtDZ2Dw97uAtTwHTHlFbbCtxxEglhALf8kb0FZiY_F2ChxCEVX_QrJ9GBWH1dUcr7HJtfqjAWYmcqIchTTuduL9P6MxUthyfwqRqHr9gwMrMEeo-GG3LTzb13mOyJNiTcBM_LtpIPxqzD7bXWViU2sXzU0A7zbLmGt2ukfjcsTzQGWIkG3Eew3YTHrxGpP1387xlWwRu9s05yaHsesxVXszgm5BeFlAKUiD4sMR6iKs6Sz0O505NgtQnMv7gMTKNXebTnAekKjixOvM4YyroWQyw
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FBD4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0kMlJ3FxY66jDKKIyQPj_aOwDgAAAAA4AeAEAg&bg=!-vml-b3NAAbvMpMzzzI7ACkAdvg8Wu2gDwvHJDwTffXHI-JCbW6m60YXbmmq_NVtfWs2IB8evC-xBgIAAAC5UgAAAAJoAQcKAFmDX1e_i6ZyzRyxDpVEzMssS3YcO64GXgi3xCHUDLzsrTFH8475KBv3oPzMmSo6D19XOMgNDFpOpDrZnGHd-MB8n72l6bdIrhjeoaFAMfMwjm5q7h3pPVqALpkC8r9SEiW5m6SjKWfbV1doyy-5eD9A3p0AqVCQjSrrVOY4Z22NwNIk7xbz5rMRaZKciu1ehZ3HA093gpMH5mQg7e1yMrmyTrpXo7tc7xX7AF36wAdrCENlZB38HBMiyJOlxRfSVO1ut6TjnVUrZf69Co51G3SoLLDiYhWm64X3Kr6SVMqBzsvIqnYzqRHody71ne1rXEfUfHL98wNfgqYqCt0GLHTA0jwBvFo8bS49E-oieTywSr1Tw2aW47Mqs9jMUz3S8zvLnA_v1sPEKW3M6CvvdYup6SWq_kOIeKhjnbLLnkd-azqWyv9ReawZE2B-mSCQ9J-Z9GwPECdcmaJx6PVESruDQfvQcF8TkMxxo1ENuf89duCFYIW_v32PaJGUxPExTBwX_9ID8zXHigvuKHaBgxIwjuaSmbD2MJdNLppUGtAbfx72_Bh4-D5ODbaf-1RZG-aZHwf4U_R7C8sdU1ZvQkhIkAsn0qkZUCdQ1VWaxgkDGAcMOoyHMjPmy1TpWSURhq4eQHGotFjBQBHkr5EdpdpBw4K4zHfqrCssA0kMkK5HcusLeq7sqd7VrsALEkooaxnFWB80Xu7RD4S77-ptQ0tSB68pxMXu-Q3VwsUxp0oOkWnWIJL_ZCSUwld--UnDVTwJ_7EOP7t_oIl5EV2Bu0STgZGTUwuCh-uD1M0IRS8RSSVf75cE3oJX-bHyG42D1lWYQjcr_wfoBUepyw-VoSY0Tm6qHnVn6epE8UzW_WhLr_iT7ndBmUCDVxlbKLdrbwnNDNquJHMMB-0C3UnzVU5alU3fMP00hfzeT-RZjxEkDW11UG2opHeAkyH3MVzdgYu-MCt53xKvnQYD1Fup0tMAk7R2N1RYesJQ2OPLgnF3z_H5W0iEc-aGQO3MSyX1aodkG_bnV4NUEndxwSoAiCGH6HM44oSrKpZPFTEPBEtGUikhc5cj-kNlufnmcan9XGmkuiDbKE2DKQJt5W74AXzMA79FfN9ak3LOFPH3K3g
Requested by
Host: aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8E3C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dl3n5dysDEcXSBX_eVAfUw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4560701362088080196
42 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4560701362088080196
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 13 Nov 2022 22:35:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4560701362088080196
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 8E3C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMq15KmLYfTlBYVOLTCPFnc&google_cver=1
42 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMq15KmLYfTlBYVOLTCPFnc&google_cver=1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMq15KmLYfTlBYVOLTCPFnc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8E3C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8a252b93-28d3-40a0-bf24-181284989787&gdpr=0&gdpr_consent=&expires=30
42 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8a252b93-28d3-40a0-bf24-181284989787&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f69a50991384d09413b97a37bb74928b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8a252b93-28d3-40a0-bf24-181284989787&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 8E3C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWFFEUUMtQy0yTlQ1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWFFEUUMtQy0yTlQ1
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWFFEUUMtQy0yTlQ1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8E3C 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AKV3JJAMJW6DSCGZCB3D
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 8E3C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAFXQDQC-C-2NT5
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAFXQDQC-C-2NT5
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:20 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 1C732E09EFE24BE09028B5AA5D214705 Ref B: CHGEDGE1106 Ref C: 2022-11-13T22:35:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtYbzuLa7b8RiefHxNLg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAFXQDQC-C-2NT5
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8E3C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGJiYTVjNDMwODMyN2ZhNTdlM2U0NTM1OTczNjY5YTQxOTRjZWJlYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGJiYTVjNDMwODMyN2ZhNTdlM2U0NTM1OTczNjY5YTQxOTRjZWJlYw
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H3
Server
142.250.72.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGJiYTVjNDMwODMyN2ZhNTdlM2U0NTM1OTczNjY5YTQxOTRjZWJlYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 8E3C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=v2Rs9fznT9eTdxrXZxiJVg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=v2Rs9fznT9eTdxrXZxiJVg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=v2Rs9fznT9eTdxrXZxiJVg
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NAXRWETH37R3QDQ758H2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=v2Rs9fznT9eTdxrXZxiJVg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=646fd8ed-ac69-4a32-a122-20903ac4341c
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=f386c6ab-198b-452b-bd0c-27ae9f8829c7&ssp=themediagrid&bsw_param=646fd8ed-ac69-4a32-a122-20903ac4341c
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=f386c6ab-198b-452b-bd0c-27ae9f8829c7&ssp=themediagrid&bsw_param=646fd8ed-ac69-4a32-a122-20903ac4341c
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=f386c6ab-198b-452b-bd0c-27ae9f8829c7&ssp=themediagrid&bsw_param=646fd8ed-ac69-4a32-a122-20903ac4341c
Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=754850&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACws07G4uIAACCR69Mn3A&expiration=1669588520
43 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACws07G4uIAACCR69Mn3A&expiration=1669588520
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACws07G4uIAACCR69Mn3A&expiration=1669588520
Date
Sun, 13 Nov 2022 22:35:20 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync.html
cs.media.net/
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx
  • https://cs.media.net/cksync.html?cs=8&type=opxab4f6861-cd8c-4da7-aab3-1e5a17b7b4df
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.html?cs=8&type=opxab4f6861-cd8c-4da7-aab3-1e5a17b7b4df
Protocol
HTTP/1.1
Server
184.87.164.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-164-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

date
Sun, 13 Nov 2022 22:35:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.media.net/cksync.html?cs=8&type=opxab4f6861-cd8c-4da7-aab3-1e5a17b7b4df
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csync
sync.adtelligent.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=1643770926
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=646fd8ed-ac69-4a32-a122-20903ac4341c&google_hm=NjQ2ZmQ4ZWQtYWM2OS00YTMyLWExMjItMjA5MDNhYzQz...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFoxHLyc80ZTfDjrYLBlits&google_cver=1&ssp=adconductor&bsw_param=646fd8ed-ac69-4a32-a122-20903ac4341c
  • https://sync.1rx.io/usersync/bidswitch/646fd8ed-ac69-4a32-a122-20903ac4341c?gdpr=&gdpr_consent=
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 22:35:20 GMT
Server
Adtelligent
Etag
9c685193e8d8984d
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:20 GMT
ETag
RX4e8c8a1a1fbc403e88be10c764fde675005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Content-Type
text/html
Location
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
/
onetag-sys.com/match/
Redirect Chain
  • https://onetag-sys.com/usync/?tag=img
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=2810035083213440694&expires=30&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=646fd8ed-ac69-4a32-a122-20903ac4341c&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=646fd8ed-ac69-4a32-a122-20903ac4341c&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=646fd8ed-ac69-4a32-a122-20903ac4341c&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 13 Nov 2022 22:35:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6858 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssCUty88hAfgMJKrF2ytkUn5uGGah__A8aVYWNGD5WjhNQmh3ZftDXzrUjmJALDp-iFAA4jALrcsNUaSK2vvvrefgM&sig=Cg0ArKJSzID1mpzSJ2hbEAE&cid=CAASFeRo85GvyOn4T3tk-Wl9GLXOYGNxgw&id=lidar2&mcvt=1000&p=1110,436,1204,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=3390712034&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668378918455&rpt=1356&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/amobee/blocking_script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ACFA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0QQJsuq4yxZ2XXUrJfG1Qb14DqQ2DRufEjArkgfYkyzPjBinPSvE1hMR1uXwF0bpLaFXeJ15sygmFNXE092r6gMzu7c3QfKXcLqGvSK4xoDVOUyk-Q47gcQAI2BM-Dci6xC1D68VeFw3gXeNWcrPZwQdvvc9fqvr8udAIpLqBgzf9dB3DQOPGm1uYGZ6HgwtWa_cWfl4dw4bvlymrS1thD8lo0WuQrtaTMRpyNi8SelorqiPI4_CghAMAEKbDkA0YukofEoJjS02ffqBeMVBrHtY2UPUNnyLrW1Pno_YG5AxE0LaHmrudz3p207cOnWoQ3xY0Q3hoQxCycCdFNq4&sig=Cg0ArKJSzLyLPxasj_iBEAE&cid=CAASFeRoU4Ff7WWDrDU89wAyZgR0iKi_jA&id=lidarv&acvw=sv%3D941%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D2008,0,0,0,0%26mtos%3D2008,2008,2008,2008,2008%26amtos%3D0,0,0,0,0%26mcvt%3D2008%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2008%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1234%26pst%3D1193%26vpaid%26dur%3D15000%26vmtime%3D1846%26dtos%3D2008%26dtoss%3D1%26dvs%3D2008%26dfvs%3D2008%26dvpt%3D2008%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1191%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D42438037%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1668378916639%26ptlt%3D1668378920995%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2008,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.16%26t%3D1668378918140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=RFsQtCQSgddCEx0z&instance=214970737&version=7.10.1&age=221113&ldt=OPENVV&key=eKVKXbhX&c_id=12018&seq=1&order=11&absoluteTime=5955.3&relativeTime=4618.6&sm_id=2359689&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=6161&load=1&status=LVFNLNIY&ac_id=2008&percentViewable=1&technique=IntersectionObserver&viewable=true&viewportWidth=1600&viewportHeight=2089&elementWidth=761&elementHeight=428&iframeContext=on%20page&focus=true&type=complete&counter=4
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:21 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
&dvp_impid=e677c7e3347545efbd7ed7fdc98fce4a
r.turn.com/block/dvfu/ Frame 9C72 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://r.turn.com/block/dvfu/&dvp_impid=e677c7e3347545efbd7ed7fdc98fce4a?cbust=1668378922820680
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
dc_oe=ChMI-9Ok5pus-wIVHAxoCB2lZgK9EAAYACCy8KtU;met=1;ecn1=1;etm1=0;eid1=960584;
ade.googlesyndication.com/ddm/activity/ Frame 7CD3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-9Ok5pus-wIVHAxoCB2lZgK9EAAYACCy8KtU;met=1;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/enduser/video/ Frame ACFA 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=firstQuartile&imp=2e9f07bb-6aca-4df9-83b7-bc09b4d18a30&ag=xejceum&crid=2zxxzb3e&cf=3592660&fq=0&t=1&td_s=simcast.com&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=google&uhow=&agsa=&wp=Y3FxJQAJ-isITwSsAArA_6dESMxvBYu3Q9W4kw&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=pub-9505823743978337&rlangs=en&mlang=&did=2147221&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=MAQ4AkgAUARYAYABAIgBApABALABALoBBQi0ARgCyQEzMzMzM7NBQA..&dur=CkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..&durs=bua7fp&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&testid=mkts-4636-disabled&said=FXmf02SyNYzrSrEpd8IOvA%3D%3D&auct=3&cxdur=0-15&cxlvs=0&sfe=15a8f126&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:22 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
/
googleads.g.doubleclick.net/pagead/interaction/ Frame ACFA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=ChSBdJXFxY6v0J6yJvPIP_4GrwAW7z9r0XO6Jjs5SwI23ARABIABgybajiPCj7BKCAR1jYS12aWRlby1wdWItOTUwNTgyMzc0Mzk3ODMzN8gBBeACAKgDAZgEAKoEgwJP0NIIBYkw3a04QZB2uF1Cmcf-8TcB0_5Z2znD_74O0W8UWWVZ-Rry58aVI65TWuUSAilKUqufx6-cHizaMgosk_lXwPyXCNR7dGG57AyJLFSg1GR_0fYMxU7xOTfXlv5jOfJuHQXCItfnnyElhP1srzuaR62ecECa9uipjpMgdMrSOg-7lRftJFm5Zol0rm8ri8tZqDL6mTyriUSIqFdRJNkBJvht0OGE01PLHxr7BRdDAqXbHpYAnnkH8e27RogoFHq5wp0QFN4LL2UtXw8sl3_lgNlr2xbJDl4a8RVRXO1HH7JX-AWrQbgcGeqAnKpHJppjtXrwavMPdCq6G02T4lrQ4AQBgAbRw6HYx6i-rqwBoAYqqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAPIHAiAB0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB&sigh=ZE_9QvdXsiE&label=videoplaytime25&ad_mt=3860&acvw=sv%3D941%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D3888,0,0,0,0%26mtos%3D3888,3888,3888,3888,3888%26amtos%3D0,0,0,0,0%26mcvt%3D3888%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3888%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2442%26pst%3D1193%26vpaid%26dur%3D15000%26vmtime%3D3847%26dtos%3D1880%26dtoss%3D2%26dvs%3D1880%26dfvs%3D1880%26dvpt%3D1880%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3888,3888,3888,3888,3888%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1191%26femvt%3D0%26emc%3D22%26emuc%3D0%26emb%3D21,0,0,0,0%26avms%3Dexc%26qi%3D42438037%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26pnmm%3D1668378916639%26ptlt%3D1668378922875%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,3888,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.16%26t%3D1668378918140&sdkv=h.3.544.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MDY5NzY0NzYwQMwDCmYIARISaW5zaWdodC5hZHNydnIub3JnGg5UaGUgVHJhZGUgRGVzayADKggyenh4emIzZTIIMnp4eHpiM2VAhwFSJQivEBAEJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkjOBlAAYAEYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame ACFA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B79lEJXFxY9_6JayJvPIP_4GrwAXUvPyhRgAAABABING9tz04AVi5v4HKgwRgybajiPCj7BKyAQtzaW1jYXN0LmNvbboBCzQ4MHgyNzBfeG1syAEF2gE8aHR0cHM6Ly9zaW1jYXN0LmNvbS8_ZD10cnl5b3VyZmlyc3QuaWN1JnBjaWQ9ODAyJnJpZD0xNTImYT0wmALQjAHAAgLgAgDqAh0vOTIwNTYyODEvc2ltY2FzdC5jb20tcHJlbWl1bfgC8tEekAPoApgD0AWoAwHgBAHSBQYQmIWlzhaQBgGgBjuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAeAHAfIHAiAB0ggPCIBhEAEYHTICigI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=bT32gft19ic&label=videoplaytime25&acvw=sv%3D941%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D3888,0,0,0,0%26mtos%3D3888,3888,3888,3888,3888%26amtos%3D0,0,0,0,0%26mcvt%3D3888%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3888%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2442%26pst%3D1193%26vpaid%26dur%3D15000%26vmtime%3D3847%26dtos%3D1880%26dtoss%3D2%26dvs%3D1880%26dfvs%3D1880%26dvpt%3D1880%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3888,3888,3888,3888,3888%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1191%26femvt%3D0%26emc%3D22%26emuc%3D0%26emb%3D21,0,0,0,0%26avms%3Dexc%26qi%3D42438037%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26pnmm%3D1668378916639%26ptlt%3D1668378922875%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,3888,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.16%26t%3D1668378918140&sdkv=h.3.544.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MDY5NzY0NzYwQMwDCmYIARISaW5zaWdodC5hZHNydnIub3JnGg5UaGUgVHJhZGUgRGVzayADKggyenh4emIzZTIIMnp4eHpiM2VAhwFSJQivEBAEJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkjOBlAAYAEYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=RFsQtCQSgddCEx0z&instance=214970737&version=7.10.1&age=221113&ldt=AD_QUARTILE&key=eKVKXbhX&seq=1&order=12&absoluteTime=7833.5&relativeTime=6496.8&sm_id=2359689&visiblestatecd=I&soundcd=OFF&quartile=1&adIndex=0&pposition=home&rand=6
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:22 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
&dvp_impid=c4827aad91a74ffe9290f18d979c45fc
r.turn.com/block/dvfu/ Frame 967B 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://r.turn.com/block/dvfu/&dvp_impid=c4827aad91a74ffe9290f18d979c45fc?cbust=1668378923197653
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
event.png
tpsc-nyc.doubleverify.com/ Frame 9C72 		0
210 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-nyc.doubleverify.com/event.png?impid=e677c7e3347545efbd7ed7fdc98fce4a&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=2697&eoid=11&msrjs=3130&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=155&tetms=12&msltms=65&vltms=2697&sei=289&vetms=28&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=28&isumms=27&nvr=6&isgmmims=28&isgmv4mims=28&elmtp=6&isbxdms=4829&b0=100&b11=4861&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=4961&sftb=4961&msrdp=1&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1029&isuiabvms=1029&isgmpims=146&isgmv4dpims=1029&ispmxpms=1029&engalms=27&dvp_dpr=1&ttfurm=5731&cbust=1668378925822943
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.86 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb116.doubleverify.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 13 Nov 2022 22:34:55 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
11/12/2022 22:35:25
event.png
tpsc-nyc.doubleverify.com/ Frame 967B 		0
210 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-nyc.doubleverify.com/event.png?impid=c4827aad91a74ffe9290f18d979c45fc&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=3138&eoid=11&msrjs=3130&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=162&tetms=11&msltms=92&vltms=3138&sei=289&vetms=16&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=62&isumms=62&nvr=2&isgmmims=62&isgmv4mims=62&elmtp=6&isbxdms=5264&b0=5401&adhgt=250&adwdth=300&norwdth=300&norhgt=250&dvp_vsosnmr=1&lftb=5401&sftb=5401&msrdp=1&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=61&dvp_dpr=1&ttfurm=6196&cbust=1668378926196712
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.86 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb116.doubleverify.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 13 Nov 2022 22:35:26 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
11/12/2022 22:35:26
dc_oe=ChMI-9Ok5pus-wIVHAxoCB2lZgK9EAAYACCy8KtU;met=1;ecn1=1;etm1=0;eid1=18;
ade.googlesyndication.com/ddm/activity/ Frame 7CD3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-9Ok5pus-wIVHAxoCB2lZgK9EAAYACCy8KtU;met=1;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/enduser/video/ Frame ACFA 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=midpoint&imp=2e9f07bb-6aca-4df9-83b7-bc09b4d18a30&ag=xejceum&crid=2zxxzb3e&cf=3592660&fq=0&t=1&td_s=simcast.com&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=google&uhow=&agsa=&wp=Y3FxJQAJ-isITwSsAArA_6dESMxvBYu3Q9W4kw&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=pub-9505823743978337&rlangs=en&mlang=&did=2147221&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=MAQ4AkgAUARYAYABAIgBApABALABALoBBQi0ARgCyQEzMzMzM7NBQA..&dur=CkQKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIfCKX__________wESDm1vYXQtcmVwb3J0aW5nKgIIAQ..&durs=bua7fp&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&testid=mkts-4636-disabled&said=FXmf02SyNYzrSrEpd8IOvA%3D%3D&auct=3&cxdur=0-15&cxlvs=0&sfe=15a8f126&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:26 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
/
googleads.g.doubleclick.net/pagead/interaction/ Frame ACFA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=ChSBdJXFxY6v0J6yJvPIP_4GrwAW7z9r0XO6Jjs5SwI23ARABIABgybajiPCj7BKCAR1jYS12aWRlby1wdWItOTUwNTgyMzc0Mzk3ODMzN8gBBeACAKgDAZgEAKoEgwJP0NIIBYkw3a04QZB2uF1Cmcf-8TcB0_5Z2znD_74O0W8UWWVZ-Rry58aVI65TWuUSAilKUqufx6-cHizaMgosk_lXwPyXCNR7dGG57AyJLFSg1GR_0fYMxU7xOTfXlv5jOfJuHQXCItfnnyElhP1srzuaR62ecECa9uipjpMgdMrSOg-7lRftJFm5Zol0rm8ri8tZqDL6mTyriUSIqFdRJNkBJvht0OGE01PLHxr7BRdDAqXbHpYAnnkH8e27RogoFHq5wp0QFN4LL2UtXw8sl3_lgNlr2xbJDl4a8RVRXO1HH7JX-AWrQbgcGeqAnKpHJppjtXrwavMPdCq6G02T4lrQ4AQBgAbRw6HYx6i-rqwBoAYqqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAPIHAiAB0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB&sigh=ZE_9QvdXsiE&label=videoplaytime50&ad_mt=7841&acvw=sv%3D941%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D7890,0,0,0,0%26mtos%3D7890,7890,7890,7890,7890%26amtos%3D0,0,0,0,0%26mcvt%3D7890%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7890%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D4848%26pst%3D1193%26vpaid%26dur%3D15000%26vmtime%3D7850%26dtos%3D4002%26dtoss%3D3%26dvs%3D4002%26dfvs%3D4002%26dvpt%3D4002%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4002,4002,4002,4002,4002%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1191%26femvt%3D0%26emc%3D42%26emuc%3D0%26emb%3D41,0,0,0,0%26avms%3Dexc%26qi%3D42438037%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26pnmm%3D1668378916639%26ptlt%3D1668378926876%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,7890,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.16%26t%3D1668378918140&sdkv=h.3.544.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MDY5NzY0NzYwQMwDCmYIARISaW5zaWdodC5hZHNydnIub3JnGg5UaGUgVHJhZGUgRGVzayADKggyenh4emIzZTIIMnp4eHpiM2VAhwFSJQivEBAEJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkjOBlAAYAEYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame ACFA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B79lEJXFxY9_6JayJvPIP_4GrwAXUvPyhRgAAABABING9tz04AVi5v4HKgwRgybajiPCj7BKyAQtzaW1jYXN0LmNvbboBCzQ4MHgyNzBfeG1syAEF2gE8aHR0cHM6Ly9zaW1jYXN0LmNvbS8_ZD10cnl5b3VyZmlyc3QuaWN1JnBjaWQ9ODAyJnJpZD0xNTImYT0wmALQjAHAAgLgAgDqAh0vOTIwNTYyODEvc2ltY2FzdC5jb20tcHJlbWl1bfgC8tEekAPoApgD0AWoAwHgBAHSBQYQmIWlzhaQBgGgBjuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAeAHAfIHAiAB0ggPCIBhEAEYHTICigI6AoBA2AgCgAoFmAsB0BUB-BYBgBcB&sigh=bT32gft19ic&label=videoplaytime50&acvw=sv%3D941%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D563,20,991,781%26tos%3D7890,0,0,0,0%26mtos%3D7890,7890,7890,7890,7890%26amtos%3D0,0,0,0,0%26mcvt%3D7890%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7890%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D4848%26pst%3D1193%26vpaid%26dur%3D15000%26vmtime%3D7850%26dtos%3D4002%26dtoss%3D3%26dvs%3D4002%26dfvs%3D4002%26dvpt%3D4002%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4002,4002,4002,4002,4002%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1191%26femvt%3D0%26emc%3D42%26emuc%3D0%26emb%3D41,0,0,0,0%26avms%3Dexc%26qi%3D42438037%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26pnmm%3D1668378916639%26ptlt%3D1668378926876%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,7890,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.16%26t%3D1668378918140&sdkv=h.3.544.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo2MDY5NzY0NzYwQMwDCmYIARISaW5zaWdodC5hZHNydnIub3JnGg5UaGUgVHJhZGUgRGVzayADKggyenh4emIzZTIIMnp4eHpiM2VAhwFSJQivEBAEJQAAcEEoAToHdW5rbm93bkIHdW5rbm93bkjOBlAAYAEYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 22:35:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=RFsQtCQSgddCEx0z&instance=214970737&version=7.10.1&age=221113&ldt=AD_QUARTILE&key=eKVKXbhX&seq=1&order=13&absoluteTime=11835.3&relativeTime=10498.6&sm_id=2359689&visiblestatecd=I&soundcd=OFF&quartile=2&adIndex=0&pposition=home&rand=6
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/20221108/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.239.233 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-239-233.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:26 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
p
sb.scorecardresearch.com/ Frame 4DC8 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1668378916696&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10002&ns_st_cl=15000&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ad=mid-roll&ns_st_ci=2359689&ns_st_pt=10002&ns_st_dpt=10002&ns_st_ipt=10002&ns_st_ap=10002&ns_st_dap=10002&ns_st_et=10002&ns_st_det=10002&ns_st_upc=10002&ns_st_dupc=10002&ns_st_iupc=10002&ns_st_upa=10002&ns_st_dupa=10002&ns_st_iupa=10002&ns_st_lpc=10002&ns_st_dlpc=10002&ns_st_lpa=10002&ns_st_dlpa=10002&ns_st_pa=10002&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1668378929007&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=va12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=NBA&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0&c8=&c9=https%3A%2F%2Fsimcast.com%2F%3Fd%3Dtryyourfirst.icu%26pcid%3D802%26rid%3D152%26a%3D0
Requested by
Host: simcast.com
URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-43.jfk50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://simcast.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 22:35:29 GMT
via
1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
content-length
43
x-amz-cf-id
gn5bbMmV3kImo5Den8xgS5qx8O9EzTbdhOIW9zNw8kk2Ea13ceVdSw==
x-cache
Miss from cloudfront
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1323
Domain
csync.loopme.me
URL
https://csync.loopme.me/?partner_id=2259&vt=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=8009236428
Domain
api.feedad.com
URL
https://api.feedad.com/1.1/web/usersyncs?b=932e9f17-ff7f-4fda-994f-36e7e4934bc1&u=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=6193282227
Domain
x.fidelity-media.com
URL
https://x.fidelity-media.com/match.php?dsp=RHTMKUB&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=3841941762
Domain
aorta.clickagy.com
URL
https://aorta.clickagy.com/pixel.gif?redir=https%3A%2F%2Fsync.1rx.io%2Fusersync%2Fclickagy%2F%7Bvisitor_id%7D%3Fdspret%3D1%26redir%3Dhttps%253A%252F%252Faorta.clickagy.com%252Fpixel.gif%253Fch%253D139%2526cm%253D%255BRX_UUID%255D&rndcb=8447185330
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Floopme%2F%2F%7Bdevice_id%7D%3Fzcc%3D0%26sspret%3D1&pubid=9718&rndcb=4983780829
Domain
rp.gwallet.com
URL
https://rp.gwallet.com/r1/cm/p121?uuid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=4357782374
Domain
ffbtas.com
URL
https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=541745869;1402230080;1709765917;201339086;259151345;1725065545&rnd=2005715089&pcid=94c6e74e-2aca-4fb4-8d99-f61749106516
Domain
csync.loopme.me
URL
https://csync.loopme.me/?partner_id=2259&vt=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=615485646
Domain
api.feedad.com
URL
https://api.feedad.com/1.1/web/usersyncs?b=932e9f17-ff7f-4fda-994f-36e7e4934bc1&u=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=8513057832
Domain
x.fidelity-media.com
URL
https://x.fidelity-media.com/match.php?dsp=RHTMKUB&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=1782563358
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Ftracker.ortb.vuukle.com%2Fsync%3Fid%3D43%26uid%3D%7Bdevice_id%7D%0A%26pubid%3D11486
Domain
aorta.clickagy.com
URL
https://aorta.clickagy.com/pixel.gif?redir=https%3A%2F%2Fsync.1rx.io%2Fusersync%2Fclickagy%2F%7Bvisitor_id%7D%3Fdspret%3D1%26redir%3Dhttps%253A%252F%252Faorta.clickagy.com%252Fpixel.gif%253Fch%253D139%2526cm%253D%255BRX_UUID%255D&rndcb=6708957498
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Floopme%2F%2F%7Bdevice_id%7D%3Fzcc%3D0%26sspret%3D1&pubid=9718&rndcb=7906978408
Domain
rp.gwallet.com
URL
https://rp.gwallet.com/r1/cm/p121?uuid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5894318611
Domain
ffbtas.com
URL
https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=541745869;1402230080;1709765917;201339086;259151345;1725065545&rnd=-517808382&pcid=94c6e74e-2aca-4fb4-8d99-f61749106516
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESECTBPhYN6VPTkB1Kd7PSBPA&google_cver=1&google_push=ASkJ3FZLd38MhvZd02OborV-avY7qHxF3NesFCpoTOLwMQFP0_YqrZDAbIawNuhV2cJ3Y4NaMfGnO1jK9VyWu6-PoXzbOwvmVQ

Verdicts & Comments Add Verdict or Comment

305 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| $ function| jQuery function| LoadExt function| getCookie object| aawChunk object| aaw object| _pbjsGlobals object| pbjs object| googletag object| teads_analytics function| docReady object| mnet object| liQ function| myConfirm function| myFunction object| plBanner function| displayModal function| displayComment function| displayModalURL function| displayBroadCastModal object| ggeac object| google_tag_data object| google_js_reporting_queue function| gtag object| dataLayer number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| Criteo object| google_tag_manager string| GoogleAnalyticsObject function| ga function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages number| __mobxInstanceCount undefined| __mobxGlobals object| gaplugins object| gaData object| headertag string| p302844797 string| p302844852 number| p302844853 undefined| oGetPageStats_ undefined| p302844882 undefined| p302844877 undefined| p302844874 undefined| oDeleteHardcodeRefresh_ undefined| oRefreshHardcode_ undefined| p302844871 undefined| p302844854 undefined| p302844850 undefined| p302844848 undefined| p302844860 undefined| p302844857 undefined| p302844855 undefined| p302844831 undefined| p302844836 undefined| p302844822 undefined| p302844821 undefined| p302844819 undefined| p302844812 undefined| oEnableNullChecklistener_ undefined| p302844864 undefined| p302844803 undefined| oPageUnload undefined| p302844732 undefined| p302844737 undefined| p302844856 undefined| p302844722 undefined| p302844723 undefined| p302844724 undefined| p302844725 undefined| p302844726 undefined| p302844728 undefined| p302844729 undefined| p302844750 undefined| p302844792 undefined| p302844733 undefined| p302844800 undefined| p302844768 undefined| p302844769 undefined| p302844806 undefined| p302844807 undefined| p302844811 undefined| p302844813 undefined| p302844815 undefined| p302844865 undefined| p302844840 undefined| p302844867 undefined| oObserverChanges_ undefined| p302844866 undefined| p302844868 undefined| oAudienceListenerEnabled_ undefined| p302844817 undefined| oDevice undefined| oParentHostname_ undefined| oParentPathname_ undefined| p302844818 undefined| p302844820 undefined| p302844835 undefined| p302844837 undefined| p302844838 undefined| p302844827 undefined| oAdSlots_ object| otkjs undefined| p302844858 undefined| p302844859 undefined| optimeraInsights undefined| p302844869 undefined| oLoadedAdImpressionDivs_ undefined| oTrackSlots_ undefined| p302844880 undefined| p302844881 undefined| oEnableInfiniteScrollUrls_ undefined| p302844876 undefined| p302844879 undefined| p302844883 undefined| oHasStnVideo_ undefined| p302844777 undefined| p302844730 undefined| p302844731 undefined| p302844799 undefined| p302844779 undefined| p302844778 undefined| p302844781 undefined| p302844885 undefined| p302844886 object| opbjs object| oaudLibjs object| ovpjs object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_773247 object| closure_lm_890555 object| GoogleGcLKhOms object| closure_lm_111264 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| _moatApi7559460 object| Criteo_identitytag_132 function| setImmediate function| clearImmediate function| __esp_getUID2Async object| __uid2 function| lotameIsCompatible function| sync16589_ba function| sync16589_b undefined| sync16589_c undefined| sync16589_ca undefined| sync16589_d function| sync16589_e object| sync16589_g function| sync16589_da function| sync16589_ea object| sync16589_ object| sync16589_ha object| sync16589_o object| sync16589_ta object| sync16589_K function| sync16589_aa function| sync16589_a function| sync16589_f function| sync16589_h function| sync16589_i function| sync16589_j function| sync16589_k function| sync16589_ga function| sync16589_fa function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_p function| sync16589_ia function| sync16589_ja function| sync16589_r function| sync16589_ka function| sync16589_s function| sync16589_t function| sync16589_q function| sync16589_u function| sync16589_la function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_C function| sync16589_ma function| sync16589_G function| sync16589_H function| sync16589_na function| sync16589_oa function| sync16589_I function| sync16589_J function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_L function| sync16589_M function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Z function| sync16589_X function| sync16589_Y function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_6 function| sync16589_ua function| sync16589_4 function| sync16589_8 function| sync16589_va function| sync16589_7 function| sync16589_5 function| sync16589_3 function| sync16589_wa function| sync16589_9 function| sync16589_xa function| sync16589_ya function| sync16589_$ function| sync16589_za function| sync16589_Aa function| sync16589_Ba function| sync16589_Ca object| lotame_sync_16589 undefined| GLOBAL_VAR undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

253 Cookies

Domain/Path Name / Value
simcast.com/ Name: PHPSESSID
Value: cnpf0kglvhhj1nlrmrktveijjm
simcast.com/ Name: uidinfer
Value: 71294669
simcast.com/ Name: _uc_referrer
Value: http://tryyourfirst.icu/
simcast.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
embed.sendtonews.com/ Name: AWSALBTGCORS
Value: q9d+629s1yctWLosI7Jj+iYLI7AwzGJAiyLx/2FYGMicc8rf8OfxjTcsU29Z6soCFjD9r/NuXhEAnu7/E19NxKZFseGvNSZFgXqWnvTTsK+wBtKE8jNwRxEvRaunY3++BZqkhjaJ9CXMc6CPUx5bgXrKoaVfGU0POZ5kyvQLh/uSDILyk6U=
embed.sendtonews.com/ Name: AWSALBCORS
Value: nzT0DYc0ox/MprVUeh6Yiu/wwMaWk1U48BjWyeVsuDjxmqY++MXoBCs5HsMEfaFzCBUteRrLN3feXHQtYPU4lfpUPDilV4x6kgQITgrL9jlV8wiaEVn3Q5hxrz9V
simcast.com/ Name: mess
Value: 1
simcast.com/ Name: _tfpvi
Value: NDQxNDVmM2YtOGE1ZC00MTUwLTkwYjctNTE5N2RlNWFhOGMzIzItNw%3D%3D
.simcast.com/ Name: _ga
Value: GA1.2.396667311.1668378916
.simcast.com/ Name: _gid
Value: GA1.2.100556751.1668378916
.simcast.com/ Name: _gat_gtag_UA_205158314_1
Value: 1
.simcast.com/ Name: __gpi
Value: UID=000008a90221b371:T=1668378916:RT=1668378916:S=ALNI_Mb41NV72n-Lp_2a1HpQKHvxZWr2UA
.360yield.com/ Name: tuuid
Value: 100556db-b1b8-4709-bd17-f415fe8f25ce
.360yield.com/ Name: tuuid_lu
Value: 1668378916
.yahoo.com/ Name: A3
Value: d=AQABBCRxcWMCEMgh5veltPnJQV4XZHFVQwsFEgEBAQHCcmN7YwAAAAAA_eMAAA&S=AQAAAlSNeFUnR_KOEoq5yB31Utk
.adsrvr.org/ Name: TDID
Value: 8a252b93-28d3-40a0-bf24-181284989787
.rkdms.com/ Name: sessionid
Value: h-cbc7129a27df4e654deb338e8d3d361c_t-1668378916
.simcast.com/ Name: ajs_user_id
Value: null
.simcast.com/ Name: ajs_group_id
Value: null
.simcast.com/ Name: ajs_anonymous_id
Value: %22d7a9285f-9eea-4816-9333-02274bc76711%22
.seedtag.com/ Name: st_uid
Value: 51007bd9-21b7-42db-aaba-1e27ddabec88
.seedtag.com/ Name: st_ssp
Value: Y291bnRyeV9uYW1lPVVuaXRlZCBTdGF0ZXMmY291bnRyeV9pc28yPVVTJmNvdW50cnlfaXNvMz1VU0EmcmVnaW9uX25hbWU9SWxsaW5vaXMmcmVnaW9uX2lzbzI9SUwmY2l0eV9uYW1lPUNoaWNhZ28mbG9uZ2l0dWRlPS04OC4xOTk1JmxhdGl0dWRlPTQxLjg4NzkmbWV0cm89NjAyJnppcD02MDE4NQ==
.reson8.com/ Name: RCID2
Value: 82B2A1CC274D12D8D6E05507A96EBD64
.spotxchange.com/ Name: audience
Value: 728114fc-63a3-11ed-aabe-12a4cdd40003
.doubleclick.net/ Name: IDE
Value: AHWqTUkV1fLlR37GWcpJQXccEkW376m0-F9w10d5c2LspMnk6nstQidJ5t0MrCcXlVA
.simcast.com/ Name: __gads
Value: ID=4a28ec0a61629106:T=1668378916:S=ALNI_MaDgCdD3XKVpzPoRg25zyYlKHlNmA
simcast.com/ Name: _lr_retry_request
Value: true
simcast.com/ Name: _lr_env_src_ats
Value: false
.liadm.com/ Name: lidid
Value: 7c8f3792-8ec0-4d8a-8e07-27963816916e
simcast.com/ Name: pbjs_li_nonid
Value: %7B%22unifiedId%22%3A%22kVFDzRqMEyopyPrpMBrvjANFD0ExUkyeKAQcZA%22%7D
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 27c9eca1ff9b10655309132210571aed
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDJPtkxNTjRMS7NMMjQwMzU1NrA0NDYyMjQwNTdMTE1hAILkwkI1EA0FAEYnCd8%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBILixUA1JQAAASJwFs"
.simcast.com/ Name: panoramaId_expiry
Value: 1668465318316
.simcast.com/ Name: _cc_id
Value: 27c9eca1ff9b10655309132210571aed
.criteo.com/ Name: uid
Value: 9beebe1b-2bc8-4709-8856-7fceb2e55cca
.simcast.com/ Name: cto_bidid
Value: yDo7BF92cUVIVndoUHlCZUlOVncwWDc5Nmc1Mno3c2ZnZjglMkY4RDhvRmQxNzN6UnpOS2VJaiUyRmo2WjVGcmtTRFhPeXBsdkRNRXVycllCZkZnWVMzWlQ1YTl2bFElM0QlM0Q
.simcast.com/ Name: cto_bundle
Value: K8vIkV9xQkhQYlB2SktQYks0dHJtcXBEbUJoRmpkRTN4VWRnMnQ0WUpJTDlrN1RjaGNSNzlGbzBwRWxleWR0Sjh4UmRPMyUyRjdKSVFkajZmdFpseEElMkZIR1VrSElMJTJCZzAyNVJjUFhBSUxxZ2x0JTJGWTNPNlJhVlZxSFNXJTJCT1ZYaGFRTnlTVHB6VSUyQlVtMjUyNDg5eVpCMG1Tek0xdHclM0QlM0Q
.mxptint.net/ Name: mxpim
Value: R1D531_F94EB0DC_7D067509.1.63717126
.mfadsrvr.com/ Name: tuuid
Value: c090527e-c8bb-4ae7-b840-988360fce03b
.mfadsrvr.com/ Name: c
Value: 1668378918
.mfadsrvr.com/ Name: tuuid_lu
Value: 1668378918
.adform.net/ Name: C
Value: 1
.inmobi.com/ Name: idsp_c
Value: a374742b-dd46-4c55-896c-eaab6587cc77
.adform.net/ Name: uid
Value: 3481187484987436450
.turn.com/ Name: uid
Value: 3847914353920511232
.turn.com/ Name: fc
Value: sNkGNLzXQLznhBUJnP5GdBp3RswEpBKb0s9hx0U0i9F93IJwOwdqb8LmtulkbZA6YFtzwRpyzxklOTNKGzMKstAsYvoGh4GcDyW34XVI6o8aBqjUfDcAQyX6oVrpeu1OMy_O-3OsB_HvyC7s_31y7A
.uuidksinc.net/ Name: jcsuuid
Value: HEkPJydq3RAAisr2UASN
.scorecardresearch.com/ Name: UID
Value: 18A27b765b250ddd18d86c81668378919
.mfadsrvr.com/ Name: ssh
Value: !rhythmone,1668378919!google,1668378918
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 1dfa079c-9b83-533e-a1dd-3d9dc2ac4cba
.betweendigital.com/ Name: ss
Value: 1
.bfmio.com/ Name: __io_cid
Value: 6535437db009f46623fd9b4ce297a057beb4cd3f
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-70318d75-bb28-4261-97c8-b744639a5d6b-005%22%7D
.lkqd.net/ Name: lkqdidts
Value: 1668378919
.bfmio.com/ Name: __179_cid
Value: RX-70318d75-bb28-4261-97c8-b744639a5d6b-005
.infolinks.com/ Name: R1USERCOOKIE
Value: RX-70318d75-bb28-4261-97c8-b744639a5d6b-005
.lkqd.net/ Name: sr7
Value: 1|RX-70318d75-bb28-4261-97c8-b744639a5d6b-005|1668378919
.lkqd.net/ Name: lkqdid
Value: FC5wbsln_D0
.mgid.com/ Name: __cf_bm
Value: EVJEysx91aol4fbe9y_lLK4RisgmSScU8OoC_HtnGKQ-1668378919-0-AcwMD0tTCl+kLAVEVRaWnZCEj8jfkvFeeye71JJ73wXu+m1L6Vy3JzkGM6jzjXkdUjZg6B037A1ABddBWPWwL0s=
.altitude-arena.com/ Name: um
Value: !V8N4GGRTST2E9DOSUFV65IOIM8,RX-70318d75-bb28-4261-97c8-b744639a5d6b-005
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&KRTB&17107-RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
.turn.com/ Name: pxs
Value: 172291716%2319309%2C173614712%2319309%2C172291712%2319309%2C172291714%2319309%2C187431564%2319309%2C172291727%2319309%2C172291722%2319309%2C172291723%2319309%2C172291669%2319309%2C172291670%2319309%2C172291729%2319309%2C257013671%2319309%2C172291708%2319309%2C172291710%2319309%2C173954562%2319309%2C173954563%2319309%2C172291738%2319309%2C172291706%2319309
.contextweb.com/ Name: V
Value: aSpTw72oBezE
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 0afd547b8b884269
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~289y:17mv~289y:175v~289y"
.advertising.com/ Name: A3
Value: d=AQABBChxcWMCEFohVxoLoSfK3M72oYEXUkwFEgEBAQHCcmN7YwAAAAAA_eMAAA&S=AQAAAkvemOU7XTELAc7rCT2Y4d0
.id5-sync.com/ Name: callback
Value:
.sync.viewdeos.com/ Name: vmuid
Value: 9c685193e8d8984d
.tapad.com/ Name: TapAd_TS
Value: 1668378920070
.tapad.com/ Name: TapAd_DID
Value: d6fdc4c1-2f76-47ff-8b75-92c1c7dcf10e
.sync.viewdeos.com/ Name: a316745
Value: RX-70318d75-bb28-4261-97c8-b744639a5d6b-005
.adtelligent.com/ Name: vmuid
Value: 9c685193e8d8984d
.adtelligent.com/ Name: a541630
Value: RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
.adnxs.com/ Name: uuid2
Value: 3466350839015920407
.lijit.com/ Name: ljt_reader
Value: FpYrdQZHtPzoiSclTbOgNJke
.casalemedia.com/ Name: CMID
Value: Y3FxKFOaQijXOw9VfulAuwAA
.casalemedia.com/ Name: CMPS
Value: 549
.casalemedia.com/ Name: CMPRO
Value: 549
.3lift.com/ Name: tluid
Value: 2086264215600615833812
.socdm.com/ Name: SOC
Value: Y3FxKMCo5uYAADAn96EAAAAA
.infolinks.com/ Name: URUSERCOOKIE
Value: RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
.adtelligent.com/ Name: a721378
Value: RX-70318d75-bb28-4261-97c8-b744639a5d6b-005
.ads.stickyadstv.com/ Name: uid-bp-41330
Value: RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
.teads.tv/ Name: tt_viewer
Value: b8349b4c-cdab-4479-baf4-11fc14a23394
.fwmrm.net/ Name: _uid
Value: "o2dfe_7165632898735971669"
.rubiconproject.com/ Name: khaos
Value: LAFXQDQC-C-2NT5
.adingo.jp/ Name: ID
Value: a5e90b5145ad4e46c202793b4d6b11a3
.owneriq.net/ Name: si
Value: Q7216653201746239856P
.owneriq.net/ Name: gguuid
Value: 1
.us.ck-ie.com/ Name: CID
Value: 67b8bea4c27b2d3799ea2356f5375e5e7e24e0ef
.servenobid.com/ Name: pid_321
Value: RX-70318d75-bb28-4261-97c8-b744639a5d6b-005
.bidswitch.net/ Name: c
Value: 1668378920
.bidswitch.net/ Name: tuuid_lu
Value: 1668378920
.amazon-adsystem.com/ Name: ad-id
Value: A9Sx-3Dm80CfrRHSbMBBp-E
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.krushmedia.com/ Name: krm_usr
Value: e21aa261-00b2-4800-a51a-8bde5150b6d1
.lijit.com/ Name: _ljtrtb_1
Value: 3847914353920511232
.kargo.com/ Name: ktcid
Value: f363f3f3-d196-08c8-5633-b469b8b71be4
.tribalfusion.com/ Name: ANON_ID
Value: aynseFRwEfFS2QVormvlcX7RZaD0qduA6IwQUvtMUwOYKMGOqbSDcwGhDCRZb4EUChrT57bx3JSwU4nD8wZas6g
.openx.net/ Name: i
Value: b0cf3ea7-cf0b-48b0-932a-a8dcc17f15fe|1668378920
.tremorhub.com/ Name: tvid
Value: 917eca24ed76413fbae6798a7fcd95af
.tremorhub.com/ Name: tv_UIDF
Value: CAESEFjSa2A6ZrEZzeSgC1ngGQw
.tremorhub.com/ Name: tvssa
Value: 1668378920323
.tidaltv.com/ Name: tidal_ttid
Value: 4b6d3f46-f7ff-43da-bc78-c442027ecfb5
.atemda.com/ Name: UM1
Value: ZwAAAB-LCAAAAAAAAAvj0uNIFNLi4kn0Nsjz9jUw8Av1ChXi5vhyZMWvSdsXWQuwSoE4D6asaFgC5GgxcJly8AgZcglbGJsbGRsaGRqZmBiYWJgbGBlbALX9Ora3f80XqLZfx27e-XZjMVgbAMmhbElnAAAA0
.atemda.com/ Name: vi
Value: 42fe6cbb46267f390581da164f545821
.atemda.com/ Name: fid
Value: 42fe6cbb46267f390581da164f545821
.aniview.com/ Name: 2_C_200
Value: RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
sync.aniview.com/ Name: 2_C_200
Value: RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
.ads.stickyadstv.com/ Name: UID
Value: 2a566db8b3638d54a3e6a6e02292e4
.ads.stickyadstv.com/ Name: uid-bp-171
Value: 3847914353920511232
.w55c.net/ Name: wfivefivec
Value: HOgpAizu1OUlzq5
.id5-sync.com/ Name: id5
Value: f8408762-6439-4b21-989b-b61e207850f4#1668378919266#3
.w55c.net/ Name: matchgoogle
Value: 5
.360yield.com/ Name: umeh
Value: !79,0,1730586920,-1
.spotim.market/ Name: vmuid
Value: 9c685193e8d8984d
.bidswitch.net/ Name: tuuid
Value: 646fd8ed-ac69-4a32-a122-20903ac4341c
.dyntrk.com/ Name: dyn_u
Value: 05030002_637171286390e
.media.net/ Name: visitor-id
Value: 3113805201193367000V10
.media.net/ Name: data-amb
Value: 8372312124404870238~~3
.krushmedia.com/ Name: krm_r
Value: 424|97
.smartadserver.com/ Name: pid
Value: 2256971783624633119
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.spotim.market/ Name: a708476
Value: RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
.servebom.com/ Name: up_58
Value: RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
.justpremium.com/ Name: jpxumaster
Value: lk2-um-bfeb8f08-96fa-4da8-b070-7171050cd12e-1613989936
.justpremium.com/ Name: jpxumatched
Value: un
.outbrain.com/ Name: obuid
Value: 2427df17-57b5-489a-b2a8-6942a98b69a3
.sharethrough.com/ Name: stx_user_id
Value: 8e67f6cd-2adf-4d76-b8af-8df7fe2703bd
.360yield.com/ Name: um
Value: !79,n82M1sJuS4hqNBTrl6m-3RYh0mCp6jt-0IMcYKRErzjR-k-sv5OZ3d8nLsOSBqPDDEk3GG7Lz7t2sBUU,1676154920
.technoratimedia.com/ Name: tads_uid_cd
Value: 20221113223520+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uid
Value: 8C17FD98286A40A1AEB7600524C52C7F
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-70318d75-bb28-4261-97c8-b744639a5d6b-005
.taboola.com/ Name: t_gid
Value: 52670395-15db-4442-95a0-bbb7b374f50d-tucta6af6a8
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjYwsDI0s9A1NDXVNTQyBwDkqc1KEQAAAA=="
.yieldlab.net/ Name: id
Value: b6cb3197-2552-4064-b661-bc339f1e02e9
.sync.viewdeos.com/ Name: a322319
Value: RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
.tappx.com/ Name: TXCSDMN_162
Value: RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
.onetag-sys.com/ Name: OTP
Value: eXeCj4TeJQEwgUKspDVHrorAjcd3MV37GwPsHkMRW80
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI7Jvihaz0ojsQBRIUCgV0YXBhZBILCKzh_Y-s9KI7EAUSFgoHcnViaWNvbhILCLbo0JKs9KI7EAUYASABKAIyCwiK5IfBwvSiOxAFOAFaBzhoOXUxMWhgAg..
.cootlogix.com/ Name: ck48wz12sqj7
Value: ZYW11HtBX0flBJHLM1Y3K1UUJSZocm59QyRrCQdVJmdwf31Ab2EIV1xvc319K1l2YVUHXyZ%2BeHV%2BQCZ6HEQHNy8tNmUGc3oKRD4aZ3wpcBd6OQEHQXMsKi9lQHJrVUtUeigtYXlEIW8GUgomL357fVlyaAVEQGA5ICUmETh1Qg4VNiIlIyYRYGISNDRvfi10K0wjaVFLXSQoK2F8RHE9HV5UIC9lfXgXdW4EAAgnfH95ZURybRJKTjckOjkkDWBiEjQ0b34tdCtMI2lRS10kKCthfERxPR1eVCAvZX14F3VuBAAIJ3x%2FeWVEcm0SGw%3D%3D
x.videobyte.com/ Name: vbxuid
Value: 1b5d41f4-fe9b-499d-9fc9-c94d993dafa7
.truoptik.com/ Name: to_version_s
Value: b2
.truoptik.com/ Name: to_master_s
Value: 296ab168f09cfbbc7c8f5a418642bea1
.bidr.io/ Name: bito
Value: AACws07G4uIAACCR69Mn3A
.bidr.io/ Name: bitoIsSecure
Value: ok
.vuukle.com/ Name: lluid
Value: 90971b68-bb8b-6c61-a098-1596e5e5396e
.yieldmo.com/ Name: yieldmo_id
Value: g17288f00a2e7645c142%7C1668378920836%7C0%7C
.ads.yieldmo.com/ Name: ptrunl
Value: RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
.smartadserver.com/ Name: csync
Value: 32:3847914353920511232|113:RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
beacon.lynx.cognitivlabs.com/ Name: UID
Value: f386c6ab-198b-452b-bd0c-27ae9f8829c7
beacon.lynx.cognitivlabs.com/ Name: ss
Value: S%2B4F5OSg0m4L4msF9HE5wsyHJcOzy3mO0ZbH1P1AXrtVn2MbPSDsZ%2F942WHjCgQu47JmGh6crgoEMZGS%2Bj5NqA%3D%3D
.smaato.net/ Name: SCM
Value: 592dbee6
.lijit.com/ Name: _ljtrtb_27
Value: 8a252b93-28d3-40a0-bf24-181284989787
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&8a8080b4-d25b-4762-8f44-887dddc3e803"
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2466:u=1:x=1:i=1668378920:t=1668465320:v=2:sig=AQFif3fA9_Ph960YqEUE45ozqj87ZTua"
.smaato.net/ Name: SCMaps
Value: 592dbee6
.smaato.net/ Name: SCM1001678
Value: 592dbee6
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005%22%2C%22lastinit%22%3A%7B%222069.24%22%3A1668378919071%2C%222069.44%22%3A1668378919071%2C%222069.5%22%3A1668378919071%2C%222069.29%22%3A1668378919071%2C%222069.47%22%3A1668378919071%2C%222069.27%22%3A1668378919071%2C%222069.39%22%3A1668378919071%2C%222069.26%22%3A1668378919071%2C%222069.38%22%3A1668378919071%2C%222069.1%22%3A1668378919071%2C%222069.32%22%3A1668378919071%2C%222069.56%22%3A1668378919071%2C%222069.50%22%3A1668378919071%2C%222069.25%22%3A1668378919071%2C%222069.33%22%3A1668378919071%2C%222069.48%22%3A1668378919072%2C%222069.60%22%3A1668378919072%2C%222069.41%22%3A1668378919072%2C%222069.58%22%3A1668378919072%2C%222069.55%22%3A1668378919072%2C%222069.36%22%3A1668378919072%2C%222069.54%22%3A1668378919072%2C%222069.49%22%3A1668378919072%2C%222069.43%22%3A1668378919072%2C%222069.10%22%3A1668378919072%2C%222069.61%22%3A1668378919072%2C%222069.46%22%3A1668378919072%2C%222069.6%22%3A1668378919072%2C%222069.31%22%3A1668378919072%2C%222069.59%22%3A1668378919072%2C%222069.42%22%3A1668378919072%2C%222069.35%22%3A1668378919072%2C%222069.34%22%3A1668378919072%2C%222069.57%22%3A1668378919072%2C%222069.28%22%3A1668378919072%7D%2C%22lastsyncall%22%3A1668378919072%2C%22nxtrdr%22%3Afalse%7D
.lijit.com/ Name: ljtrtb
Value: eJwNy8ENQkEIBcBeOEsCD1jAMjz96%2BLGJoy9%2B8%2BT%2BZLSk6w8W93CGhKqMNCDYt30ujjFtE4Gz6DYsZQ738WT7st6x1nDInEX5F1qIzBtjDrGLlt4PnDWUpR3dVbS7w9g4Rsv
.lijit.com/ Name: _ljtrtb_56
Value: RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrIwNDAwNjWwMDYyNDYxMTCzNBHiM9Qtq0w3Kkz0Dgv0jnIFAOeE5EglAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrIwNDAwNjWwMDYyNDYxMTCzNBHiM9Qtq0w3Kkz0Dgv0jnIFAOeE5EglAAAA
.lijit.com/ Name: _ljtrtb_85
Value: AACws07G4uIAACCR69Mn3A
.go.sonobi.com/ Name: __uis
Value: 4a835794-74c0-4aa8-945b-26bd565a9291
.go.sonobi.com/ Name: HAPLB8S
Value: s8583|Y3FxL
.tremorhub.com/ Name: tv_UIRO
Value: RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005
.adnxs.com/ Name: anj
Value: dTM7k!M40*fQBY/ghqdmU(7T@SrdY!!]tc18i_j$PTH%IUez4Oa[S1oSjMstQ4PQ?aYkrNOywV=:vb2#3RdMybSV6cooJ[wht#H(<DH(K=`pus=4rgr3jhEU`FR4tjQX3W5I-Ie=4czx5v=hB3KV`wi5Xp7d/+HveRsMN=kA2aGJbtj<QQyO3jzbc!!)mL0BIQa
.vuukle.com/ Name: llum
Value: eyJ2a2wiOnsiNDQiOjE2NjgzNzg5MjA4MTksIjQzIjoxNjY4Mzc4OTIxMDQ1fX0
.betweendigital.com/ Name: ut
Value: Y3FxKQACXXhl6E3nUE0mhg2wcreS9AS1owNnEg==
.admixer.net/ Name: am-uid
Value: 40b4d01df3584208ac50d6e48c50fdc9
.acuityplatform.com/ Name: auid
Value: 708547767479
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMzT6jXVzZXJNYXRjaGluZ0lkJAGEkWxhc3REcm9wVGltZU1pbGxpcyUBQhxkIEaQmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUIcZCBGkI90aGlyZFBhcnR5VXNlcklkalJYLTRlOGM4YTFhLTFmYmMtNDAzZS04OGJlLTEwYzc2NGZkZTY3NS0wMDX7+4Z2ZXJzaW9uwvs="
.gumgum.com/ Name: vst
Value: u_a760e794-7429-45dd-8676-745b657443c4
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnX4XCm2T6eQ0GJ1P-dXQ45XMyILsOPTxrcAvG1fvM5Z1QmI9UI2r2usFyn5QC4TM1
.postrelease.com/ Name: status
Value: 0
.sitescout.com/ Name: ssi
Value: 9e1cb20a-e457-4f67-9c35-3dc329846db1#1668378921294
.ctnsnet.com/ Name: cid
Value: d5f3e722aa17410ebce4d11d325baadd
.sitescout.com/ Name: _ssuma
Value: eyIzOSI6MTY2ODM3ODkyMTM0MiwiNyI6MTY2ODM3ODkyMTM0MiwiNjQiOjE2NjgzNzg5MjEzNDJ9
.adstanding.com/ Name: _adstanding_id
Value: 1ece8d45ddd757fe1fcc963d30ab1ed7
.deepintent.com/ Name: CDIUSER
Value: di_7cdb8fd1765c4f4c94f68
.dotomi.com/ Name: DotomiTest
Value: 8d34d0fc6421629
.emxdgt.com/ Name: uid
Value: 56801668378921585499b4
.w55c.net/ Name: matchunruly
Value: 5
.emxdgt.com/ Name: apn_id
Value: 3466350839015920407
.mathtag.com/ Name: uuid
Value: 7a036371-7129-4900-9d06-795152530117
.server.cpmstar.com/ Name: USER_ID
Value: %01%40%fd3%9cb6%5c%f6T%89%7b%fd%95%3d
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1h7t|7Eb.0.1
.zemanta.com/ Name: zuid
Value: rDDwvHhuRyW6T86pUZbW
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.smaato.net/ Name: SCMu
Value: 592dbee6
.owneriq.net/ Name: roc
Value: 1
.owneriq.net/ Name: p2
Value: roc
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A08508D9-102C-4280-88EE-2D1A24469070
.quantserve.com/ Name: d
Value: EBABDQHIJ63ckwA
.quantserve.com/ Name: mc
Value: 63717129-cc7c1-6c218-9141d
.bluekai.com/ Name: bku
Value: ikG99YkhzVmAmm/U
.resetdigital.co/ Name: ckbk
Value: 000000D2D12A01C2
.ipredictive.com/ Name: cu
Value: 189ce4a1-43b0-4f8f-9664-1877bf46c91b|1668378921950
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0697176f-cd14-48e3-5143-156ab4e96086.d416CbOHocO9%2BSGozBiP%2FuQpxyAOCFegvSZkQZ%2FWl7U
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ABpcXb80USONRQxVqtOlghmjtwR0.Xr%2BHbu2YrItwmtn4XDf%2BsBmbP6Hcc0qXBOiuzQgM4Sg
.undertone.com/ Name: UTID
Value: 7d1e565b34c24c17a7d4dca79a706cf3
.undertone.com/ Name: UTID_ENC
Value: 7envudd29vm012jemmg1phn8z
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmZhbG5haWRgaW75ShzBNzK0NAUAjHizVCAAAAA
.postrelease.com/ Name: visitor
Value: 5e6024d8-1a12-4ff3-87d9-22ce97dc19c5
.media6degrees.com/ Name: acs
Value: 012020k1rlb5eyxzt10
.media6degrees.com/ Name: clid
Value: 2rlb5ey0117011ao6pldesa3000000018t011b01b01
.ad.gt/ Name: au_id
Value: 63c7b9a6-4f73-4f23-89a6-b9aa786e1656
.eyeota.net/ Name: mako_uid
Value: 18473220dc1-2a1d0000010a45cc
.intentiq.com/ Name: IQver
Value: 1.9
.eyeota.net/ Name: SERVERID
Value: 17868~DM
.rlcdn.com/ Name: rlas3
Value: rLWKAKGt1aitTqI27EMIICaBvmqeFcFDxnL7wbmjHZs=
.krxd.net/ Name: _kuid_
Value: PMno00FF
.id5-sync.com/ Name: 3pi
Value: 224#1668378920133#496613974#3847914353920511232|434#1668378921146#1066769851|1240#1668378920452#-956023906|264#1668378920808#2088819430#8a252b93-28d3-40a0-bf24-181284989787|441#1668378921346#173812381#u_a760e794-7429-45dd-8676-745b657443c4|203#1668378921640#-1868448480#9beebe1b-2bc8-4709-8856-7fceb2e55cca|155#1668378921808#-1673583715#AACws07G4uIAACCR69Mn3A|124#1668378920633#5433766|796#1668378922032#-865941156|1245#1668378920976#-956023906|429#1668378922518#-1694900955#A08508D9-102C-4280-88EE-2D1A24469070
.dpm.demdex.net/ Name: dpm
Value: 90770805671173348610981054368325332034
.demdex.net/ Name: demdex
Value: 90770805671173348610981054368325332034
.rlcdn.com/ Name: pxrc
Value: CKrixZsGEgYIuOsBEAA=
.pippio.com/ Name: did
Value: pZ1ZnC55F2VEP7oL
.pippio.com/ Name: didts
Value: 1668378922
.pippio.com/ Name: nnls
Value:
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1668378922637
.intentiq.com/ Name: IQTremorCookieSync
Value: 1668378922644
.intentiq.com/ Name: intentIQ
Value: sXgo019YVb
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7630-2!7630
.pubmatic.com/ Name: pi
Value: 156872:3
.pippio.com/ Name: pxrc
Value: CKrixZsGEgQIAhAAEgYI36wrEAA=
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPhZ_nMQ43TX3hq1ZffXtr0&KRTB&16514-CAESEPhZ_nMQ43TX3hq1ZffXtr0&KRTB&23025-CAESEPhZ_nMQ43TX3hq1ZffXtr0&KRTB&23386-CAESEPhZ_nMQ43TX3hq1ZffXtr0
.pubmatic.com/ Name: SyncRTB3
Value: 1669507200%3A220_21_13
.adsymptotic.com/ Name: U
Value: b993e679184cc26fe51124e047656283
.simpli.fi/ Name: suid
Value: 7F503C195A22489792DD1D44FD930470
.pubmatic.com/ Name: PugT
Value: 1668378922
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:84E77A959F4D41A9AB9BEEEBF77DE0DA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.intentiq.com/ Name: IQPubmaticCookieSync
Value: 1668378923115
.intentiq.com/ Name: IQAppnexusCookieSync
Value: 1668378923364
.casalemedia.com/ Name: CMTS
Value: 3442
.intentiq.com/ Name: IIQindexexchangeCookieSync
Value: 1668378923507
.intentiq.com/ Name: IQTripleLiftCookieSync
Value: 1668378923620
.rubiconproject.com/ Name: audit
Value: 1|znNq5FvOubCdcNGL1Rti7qBsUgqvFRODbl98GqAdlMDr1JKW4ws3nmMTiWRHQ9EGoCzEcRZYidmM1KxoLazItw2qcX6HA/UfJdjVO7SW0K/rB1upIEPr8au38LEsbkl3+VQUVRO2htBMqJO5mR56FZIA25Uzq2H8v+HosK/EwgBJnGNoFKmPQ4dYGIz8EqVPsqlSNZOaaDQ=
.intentiq.com/ Name: IQRubiconPrimisCookieSync
Value: 1668378923917
.intentiq.com/ Name: IQOpenxPrimisCookieSync
Value: 1668378924011
.intentiq.com/ Name: CSDT
Value: UEQ6MTUyNTBfMCZUTjZwd0J2IzEwMjExXzAmVE42cHZ5MCMxNTA0NF8wJlRONnB3RGsjMjRfMCZUTjZwdzViIzEwMTM5XzAmVE42cHc5YyMxNTExNV8wJlRONnB3SzMjMTUxMTlfMCZUTjZwd0lY
.intentiq.com/ Name: IQPData
Value: 1760411933#1668378924010#0#1668378922630

40 Console Messages

Source Level URL
Text
javascript error URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://simcast.com/?d=tryyourfirst.icu&pcid=802&rid=152&a=0
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://simcast.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1323
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://csync.loopme.me/?partner_id=2259&vt=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=8009236428
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://cm.mgid.com/m?cdsp=433142&c=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=5045850066
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cm.mgid.com/m?cdsp=433142&c=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=3425718618
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://csync.loopme.me/?partner_id=2259&vt=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=615485646
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://simage2.pubmatic.com/AdServer/8432319229
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://simage2.pubmatic.com/AdServer/5698702766
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://x.fidelity-media.com/match.php?dsp=RHTMKUB&uid=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=1782563358
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://x.fidelity-media.com/match.php?dsp=RHTMKUB&uid=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=3841941762
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESECTBPhYN6VPTkB1Kd7PSBPA&google_cver=1&google_push=ASkJ3FZLd38MhvZd02OborV-avY7qHxF3NesFCpoTOLwMQFP0_YqrZDAbIawNuhV2cJ3Y4NaMfGnO1jK9VyWu6-PoXzbOwvmVQ
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://www.getpublica.com/usermatch/did=70844629-3a3f-48fe-b8b8-26efd6038169KrushID=70844629-3a3f-48fe-b8b8-26efd6038169
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://c.deployads.com/cs/r1?b=RX-70318d75-bb28-4261-97c8-b744639a5d6b-005&rndcb=6478972426
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://c.deployads.com/cs/r1?b=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=507030051
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://csync.loopme.me/?redirect=https%3A%2F%2Ftracker.ortb.vuukle.com%2Fsync%3Fid%3D43%26uid%3D%7Bdevice_id%7D%0A%26pubid%3D11486
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Floopme%2F%2F%7Bdevice_id%7D%3Fzcc%3D0%26sspret%3D1&pubid=9718&rndcb=4983780829
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Floopme%2F%2F%7Bdevice_id%7D%3Fzcc%3D0%26sspret%3D1&pubid=9718&rndcb=7906978408
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://sync.adkernel.com/user-sync?zone=42861&r=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fnativeads%2F%2F%7BUID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=75843423
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.adkernel.com/user-sync?zone=42861&r=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fnativeads%2F%2F%7BUID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7663775210
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.1rx.io/usersync/tradedesk/%%TDID%%?rndcb=6453846522
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.adkernel.com/user-sync?zone=83074&r=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fyieldnexus%2F%2F%7BUID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=8334225987
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.1rx.io/usersync/tradedesk/%%TDID%%?rndcb=6501569226
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.adkernel.com/user-sync?zone=83074&r=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fyieldnexus%2F%2F%7BUID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=555126539
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://r.turn.com/block/dvfu/&dvp_impid=e677c7e3347545efbd7ed7fdc98fce4a?cbust=1668378922820680
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://ffbtas.com/?t=16a13d8cbeec55ba3c7be6656ecc54c5
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://r.turn.com/block/dvfu/&dvp_impid=c4827aad91a74ffe9290f18d979c45fc?cbust=1668378923197653
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=541745869;1402230080;1709765917;201339086;259151345;1725065545&rnd=-517808382&pcid=94c6e74e-2aca-4fb4-8d99-f61749106516
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=541745869;1402230080;1709765917;201339086;259151345;1725065545&rnd=2005715089&pcid=94c6e74e-2aca-4fb4-8d99-f61749106516
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://sync.aniview.com/cookiesyncendpoint?auid=1624283237666-936926128242-025699-007-001687&biddername=200&key=RX-4e8c8a1a-1fbc-403e-88be-10c764fde675-005&rndcb=740759991
Message:
Failed to load resource: the server responded with a status of 504 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-iad2.1rx.io
a.teads.tv
a.tribalfusion.com
aac4bf5215cd3db26d81006cb1ce41a0.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad.yieldlab.net
ade.googlesyndication.com
ads.altitude-arena.com
ads.betweendigital.com
ads.servenobid.com
ads.stickyadstv.com
ads.us.criteo.com
ads.yieldmo.com
adservice.google.com
aep.mxptint.net
aorta.clickagy.com
ap.lijit.com
api.feedad.com
api.rlcdn.com
as-sec.casalemedia.com
at.teads.tv
atemda.com
b1sync.zemanta.com
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.deployads.com
c.eu1.dyntrk.com
c1.adform.net
c2shb.pubgw.yahoo.com
cat.hbwrapper.com
cat.va.us.criteo.com
cc.adingo.jp
cdn.adapex.io
cdn.ampproject.org
cdn.doubleverify.com
cdn.id5-sync.com
cdn.resonate.com
cdnjs.cloudflare.com
ce.lijit.com
choices-or.trustarc.com
choices.trustarc.com
choices.truste.com
cloudflare.com
cm.ctnsnet.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
code.jquery.com
contextual.media.net
crb.kargo.com
cs.chocolateplatform.com
cs.emxdgt.com
cs.krushmedia.com
cs.lkqd.net
cs.media.net
cs.minutemedia-prebid.com
cs.yellowblue.io
csi.gstatic.com
csm.us.criteo.net
csync.loopme.me
csync.smilewanted.com
d.turn.com
d15kdpgjg3unno.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d3div1mtym39ic.cloudfront.net
dis.eu.criteo.com
dmp.truoptik.com
dpm.demdex.net
ds.reson8.com
dsp.v.fwmrm.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
embed.sendtonews.com
eus.rubiconproject.com
ex.ingage.tech
exchange.mediavine.com
ffbtas.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
getpublica.com
ghb.adtelligent.com
google.partners.tremorhub.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.crwdcntrl.net
id.rlcdn.com
id.sharedid.org
id.sv.rkdms.com
id5-sync.com
idpix.media6degrees.com
ids.ad.gt
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
img-s-msn-com.akamaized.net
img.turncdn.com
in-appadvertising.com
insight.adsrvr.org
inv-nets.admixer.net
jadserve.postrelease.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
loadm.exelator.com
match.adsrvr.org
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
mug.criteo.com
mweb.ck.inmobi.com
onetag-sys.com
openrtb.cootlogix.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
parking2.parklogic.com
partner.googleadservices.com
partners.tremorhub.com
pippio.com
pix.us.criteo.net
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.servebom.com
pixel.tapad.com
player.sendtonews.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prebid.smilewanted.com
presentation-atl1.turn.com
prod.uidapi.com
ps.eyeota.net
pubads.g.doubleclick.net
public.servenobid.com
px.ads.linkedin.com
px.owneriq.net
r.turn.com
r2---sn-vgqsrnz7.c.2mdn.net
router.infolinks.com
rp.gwallet.com
rtb-csync.smartadserver.com
rtb.adstanding.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.va.us.criteo.com
s.ad.smaato.net
s.amazon-adsystem.com
s.seedtag.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
search.spotxchange.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
simcast.com
ssp.api.tappx.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
svastx.moatads.com
sync.1rx.io
sync.adkernel.com
sync.adtelligent.com
sync.aniview.com
sync.bfmio.com
sync.colossusssp.com
sync.cootlogix.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.pubwise.io
sync.search.spotxchange.com
sync.spotim.market
sync.springserve.com
sync.srv.stackadapt.com
sync.sync.viewdeos.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
sync2.resetdigital.co
synchroscript.deliveryengine.adswizz.com
tagan.adlightning.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
timber.sendtonews.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-nyc.doubleverify.com
tracker.ortb.vuukle.com
trc.taboola.com
tryyourfirst.icu
u.openx.net
udmserve.net
ums.acuityplatform.com
unruly-match.dotomi.com
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usermatch.targeting.unrulymedia.com
usersync.getpublica.com
usersync.gumgum.com
usr.undertone.com
vae-bid.adsrvr.org
web.hb.ad.cpe.dotomi.com
www.getpublica.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.dlx.addthis.com
x.fidelity-media.com
x.videobyte.com
z.moatads.com
aorta.clickagy.com
api.feedad.com
api.rlcdn.com
cs.chocolateplatform.com
csync.loopme.me
ffbtas.com
prebid.smilewanted.com
rp.gwallet.com
sync.intentiq.com
x.fidelity-media.com
104.16.109.154
104.18.12.242
104.18.13.76
104.18.18.126
104.18.19.126
104.18.9.110
104.18.98.194
104.22.68.131
104.36.115.109
104.36.115.111
104.36.115.113
104.45.178.220
104.64.59.24
104.64.77.76
107.178.246.49
107.178.254.65
107.21.7.4
108.138.106.33
108.138.106.43
108.138.128.28
108.139.47.67
108.139.50.211
129.159.70.95
135.125.160.77
135.148.35.198
141.226.224.48
141.95.98.65
142.250.176.198
142.250.72.98
142.250.80.34
142.251.41.2
143.204.144.76
143.204.146.46
144.126.248.223
145.40.89.200
146.190.223.83
146.20.132.147
147.75.198.217
151.101.193.44
151.139.128.10
162.19.138.120
167.172.154.244
169.63.109.126
172.66.42.247
172.98.26.246
174.129.179.166
174.137.133.32
178.250.0.163
18.164.116.23
18.164.124.24
18.164.96.81
18.214.193.123
18.233.53.168
184.87.164.21
184.87.165.153
184.87.165.166
185.167.164.49
192.132.33.46
192.241.157.60
192.35.249.138
192.35.249.143
192.40.39.223
198.148.27.140
199.127.204.142
199.187.193.192
199.250.166.129
199.38.167.130
20.127.253.7
2001:4de0:ac18::1:a:1b
202.241.208.53
204.154.110.86
204.62.13.72
207.198.113.203
23.192.30.145
23.192.31.127
23.195.100.217
23.221.200.33
23.221.200.79
23.227.139.243
23.23.180.179
23.235.251.213
23.36.85.188
2404:6800:4009:81f::2003
2600:1400:d::173c:60b0
2600:141b:f000:3f::1731:fbda
2600:1f14:426:3f00:31cb:9e4b:85a9:ab59
2600:1f16:e61:3f02:77d9:b48f:f0d0:e412
2600:1f18:1c96:4102:e542:da3a:83ed:5fa3
2600:1f18:4e9:5a07:9547:efa7:eb91:ca4b
2600:1f18:612b:4232:6c23:5a2c:6d97:91e
2600:3c02::f03c:91ff:fee2:5b0f
2600:9000:210b:c200:11:1ed0:3900:21
2600:9000:2209:4e00:11:b309:9100:21
2600:9000:2209:7e00:1b:5138:8a40:93a1
2606:4700:10::6816:3456
2606:4700:10::6816:53d
2606:4700:1::6813:884e
2606:4700:3030::6815:631
2606:4700:4400::ac40:9602
2606:4700::6810:84e5
2606:4700::6811:180e
2606:4700::6812:19ad
2606:ae80:1451:21::500
2606:ae80:1471:17::1050
2607:f8b0:4006:808::2002
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::2006
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::2008
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::200e
2607:f8b0:4006:823::2001
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::200a
2607:f8b0:4009:1e::7
2620:100:a001::16
2620:100:a001::18
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::a
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2a04:4e42:200::300
2a06:8640:454::2
3.213.189.24
3.218.237.248
3.218.90.66
3.22.200.52
3.223.138.69
3.226.186.45
3.226.20.33
3.230.62.22
3.89.34.248
3.92.156.8
3.93.88.22
31.220.27.155
34.107.148.139
34.120.155.137
34.149.50.64
34.193.160.212
34.195.22.183
34.200.185.2
34.202.126.101
34.204.153.137
34.226.169.111
34.226.8.71
34.229.3.43
34.230.93.42
34.232.147.170
34.232.208.82
34.249.73.217
34.98.64.218
35.164.244.115
35.169.31.254
35.173.157.165
35.186.193.173
35.190.113.31
35.190.60.146
35.207.24.140
35.211.165.199
35.211.178.172
35.221.57.18
35.71.139.29
38.67.14.224
38.91.45.7
44.232.191.58
45.79.244.12
51.222.105.60
51.222.239.230
51.81.11.180
52.206.71.0
52.223.40.198
52.44.138.18
52.46.151.131
52.5.12.27
52.5.99.161
52.55.54.43
52.59.84.54
52.95.125.22
54.148.144.255
54.156.207.182
54.160.14.168
54.164.239.233
54.175.149.48
54.205.113.20
54.230.163.71
54.80.21.143
54.85.209.208
54.85.21.126
54.87.127.173
63.251.114.136
63.251.28.234
63.251.86.49
64.74.236.191
67.226.210.222
68.67.153.61
68.67.160.117
68.67.181.211
68.71.249.118
69.166.1.10
69.173.151.100
69.90.254.78
70.42.32.95
72.52.179.174
74.119.119.139
74.119.119.147
74.121.140.14
8.2.108.194
8.2.110.134
8.2.111.121
8.28.7.82
8.28.7.83
96.46.183.20
99.83.190.102
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
05a95b8cbcb09bfe59002e3aa598204c9b3b0444f3ee607d5655327d96522692
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07531adeef4de14e75826ee1aa18f31cddf3870cf38d89310add79408f8bb4fb
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a01c8b9d366f968427a3dfc1196a9c2c66d0e78b8b53a784d4754b484e69313
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b81ebd295c56386af5d622092d29db6ecb12a7f8dc8be80fe54cbbfa3d3216e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d46a234da7737f3111cb9932329494743fe72b3ddd0a0539c6505f036fcc6b5
118afd859a9e500d848a3406ac0ea212dc2a0b8d16d2bee0738b83b388118737
127016c709270af117ec2c509d797e76a3a49f6cc2c0800b8f6480e35b784f42
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
16fb2a576203586c2b8134ec9c5372c9c0641ea10cd3f14716a6f1118a417d06
1ada2e586e894dd85febcd6dfb91b523014dc9342efbd3315253c97456d36266
1c2f75b7f306722dfc7eb1e00dbf5c7e39f5fe4c43c419bba891153328962050
1cab1d8cb363d396a33cac39395f6a288691c66a4b670af3e09dd65a3e74338a
1d50c59d665d1d719befb5b79d53c5dbf44613fe0aca3f37667b5cd69a523cc8
1e1f70157776e3e768a67de8073adc61f8b0c021aefeb71532523ccdd9e8b20e
1e4d9bcd4312dc1853f4059e1c4939cd6e64136aca303d07d4623cbe09a2ed90
1ea9a2858b06ac09860162299b7a95f6bf645b3cea87009909d234677b2d6440
1f40fdab22a78db476332a66073091e32da65fd4d4445e111c18a03eb8e9ba44
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
22f904a3947eab1b1ffca811baa6ca5c218ea53a4b38a86403e93caa2e8a17c6
24409cefca23792074814d8e770cbb15affc091d790408bd8d65c62c1cfb2fe2
28d8310ca41ef987e2c3197fb4abfbc2133f98b3429816e7984e5544c116e5f6
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bcb4ec208c3cc7c69900e60c4f00ceb8f8ba574e82ffb816e43eb68323180d5
2c019c7290ad55d7a266c07d630c6520457c09a2cb12813167ad678c6de59e6c
2d9e1f06819ebe1cca881b1570d162835a602346ca2a6b7538f7fd5cacb1a91c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f0417a415192f2b8e1d87330dc1137dfa03f4b9f70cfcfa2890cdba3b0a4e71
2f2ba3d835547860025276010df2fc6ff4543c32d90ac7486572eeea8ab08013
2f37d27511110baa889a910f08011ef9b6021f85d33026448f7e0486dca03d02
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3262c2bd70d868ed379b89eb25e964bf826721f17189a5170c352d20a7563f94
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3418fe28e64ee09a246edf387b1204376cb82c1ee8cbd3668c68492cac7c56ae
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
38598dd250ef73d19ebfa64e8790bfa82f48e8682ff8914c8c70a02ad0fe4940
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f1afda1c57ea6cbe9400ae680b5af795a324f08bf8ffe5fa1d08cf7c0653038
3f36180c2d54beb42a6eb01af6bb0050404e139eabc341417cac1c5ac2de91bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400f85ef29a724123d5e8905fd73cb62a12be70011f5236985d4bb46fd5bcd2c
42972797696a625c589cf32eea7f49b1b290b9c853575b07526292f2368455b7
4307b4528a115b198538535904c628c6d971a3b070f23313332c4e56d0a7b74b
4359f448202c4bf23b8413a186a05e29b541fe067639120ffb2ca9bd76a327d5
4438d606bdbb746df876d21be6d13ef73f26fec9f2f21404f14d50bf7bff5f40
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47e4e1c834f2e155571dce296374dd00458ad7c8a72af3b69e08f35f4c81fdb0
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
48703f5acd90ec561cadb6f48d9b9f54e5643b284598a18847d3d331184f826d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49b31e48e24ae38163b8b4749e0e02f56386d7715a84d108553a63b6465a5337
4a50a06438c16ac8d3ad656b951ecf98c85d5c011b07470955cb48183bd1ca53
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1a2853c3464e386990fa9859fedad1bfd25a537420028ff0b3535f150fffb3
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4ca4781e41894e6a1e08474d08ad435a1f40557af00fc3db51ee788d29a1f071
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee9f9cdaf50270c15f0fe86a3785a8b1325ee193dccf6396a278215e3f8137a
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51ad6f27771508eacc67edc60db023c35efb5d62c222b8f73585595b47bc30c0
534719b8cf4fd27180bf905d09e9117f514674e2c2aa1991465b742148f2583f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d708aba01131b28d5b20a2255730f941d391f2a3d33a809be045067167b89a
55238386f056c5336696978f6597eb75c6416b365135ffccf0d339be9ee88126
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57f955f526870cd27af21b834d7a83a45caca6b06e3315bbcf5a7c9c39edf27a
58831c971fb91e1ca9b850996f7c3715becbe589dc041bc7f3688d4ef88a9b24
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
5b1eb7e744f1085c2b23d20adc951156e403a5463869858ec292c796de35e78d
5b6bf20154e125279e794bb81e9cba88b3adcd8c20d3a34feb1fc15038897fdc
5ba24eaa5b26a1e035d150eaea532508bfb4ace4e7887c3c4807f130d60fbe2f
5c835707a9c6d6bbf26cb49111c349e9f78fff5c373b94b82cc6857ad0374c8d
5fd33337da0f4ab6d11799a3c0887357c93c3a0a9bc920eedaa8bad72b3e881e
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60e2902731f7f783e9d3399969fd86d82a495a9aea58004687b4393018ad968e
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6246cca06aa1dc013495510fd040ebb520ba03f06f0f7465b7541555211a71f5
637a7b98d9279b40d38390d0c5f1e1c76e9582c57605418063a5164704df7a35
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
678b13393cad3d6c5aa05b378507647a9df55bd00fe94f440c958a83b049540b
678bb4ac2923f085af3b092b10a91b37b92d991d415a0662485fd715c8677887
694cd8004fd5b1376add7433a4040612c39b7e6b761f0cf5f3dacda5723bf1d9
6a868e245bcde2342e3a8f8f225c460b9efa568753b43a41190356f447137e14
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9a76b0d664ada7d9a853d3014f297b74c46aaba532f412c9325435489f4be0
6fb70b74ab8085fab0dfea5fde3fa7c8ec341e844cbca901b6ba5c464defcdb7
71520d28eca85e7836e16ac98152bdf53f7f3ef207f0a25b450960e1586502da
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73f945b70b38a7ea576d1bc6cdb5a3bf21c8a430ea3bfc8a9ae5b9883e3dc977
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74df6a6e6baba23c158bc44b03c0e68cd743edffbf10942864e70e1414936b48
74e5172ad789c47a9e42cabb22c734c6a711ddbb51f14fc24a10f28ecc1073b7
7717da18fff86552728b93961721cf5acb4fdd04c8e08535096af16bb206587f
782a61e1a386882a45f13e8b9df33bc38814cabc29ae84e5060fc76170150065
79d4d6d7dbafe539e2a973cc0030b1b2550c2defe99d7c809c7fefc1094d8670
79f758d6b93f3763160577e6f3cd56c040a266c4c093a81d9c4b9502f1f16a5a
7bc865d4888297484b184aa35555184abea6ef96a77f82f2e55144f140104be8
7be4ab69827ee2259c5b6ed28fd69c3b759eaeecaa875a7c24ba443990a45489
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa
7dc9c62dc86720546c13355156990a1a9713dc0e1dcd45fc8c6b291d150afdac
7e5964b26d7652c3aa35a544b72a0031a602b53a979e53fd39a279df794c1c68
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ffcbd4cd826103fd240b1eab533b0704c569ca77ebcc28225181e572cd9218d
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84498164a91e08f53e2ea5e8240452b0871643a928278b94b94f7793ac3ecc9d
848360150c7285fb18cb4639a4bb09a3664499b3076d27648f1fd1ff8a7f538f
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85b6c4e8a1bbca31c5fe51e3cd2bee514a5c54bc231898caf73ce52dc4bbc8ad
85fde9e161a1a5f0d3b373e1716be8d33a862045a5be27b66be824494697c7f2
87c3a197a48c22c41d42c060f2fdaeb239858f90a3bda093235c63952c367912
87fa7d182089bd285590bc52ac7356f2af07229df6c6fbb9b9564421d0dbd466
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c25c5a2481b2fbe4295483d3d606ee84c263ee86d83cce98bffe012104926f9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eed90d8213223247f5623bade750b53aac683e38634b3a860fc8d6cbb0dcd22
8f16f16ae2093b7ea1bb38f33aeeb16add79586fc973f82f33b40e955484b7d7
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fbd5c5051585016972da5d89ff8e800f129397f0a3a18751b47a220833d1bb5
9000ac6e87387641c9ef778db9586e320bf451e28815384c5e72b689876bcc90
916f8df8e8fe9760456ae7997f261122db49bb9c3dde724fd3e33e886b54525b
91d2ff8cd183add13f7bc094471b6c8e25f11c7996a74b239f87dae48524d80e
93726082e416b385b3801acdfcd3b82ff8033b8ec8ca3bb9b5abf46c26d56ba1
949be03475cd52707c957212a6201a1cfb5d9c05cc662971090ab61bd0be6683
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
98030f175cb41f733bc7f0c3317b9f221e6e09c7bc0e7350311f4101019e0935
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b20b04c905f4293fa04a1f7d9f8ea119c7e173717dce8e93b776f39e1d4c291
9c0ed80eb357d3cdc921d9b1b9137d0cab14d1d5295add19091926b643156a60
9ca0f43a01af45fdbc0cbf9e0cb03ee53215309999d1b3dab0975a95fcc157a4
9d462d0ecc3b73f5f913f52596f4c62d09828662ace2b1d8899a84f502840153
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2251445800c16c7e42d5376ae91a92cba0e12a16bb898248afe80e148534566
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a30067e1e8834c985269d61eb62bdb784c19fe989f651c1307f9935f7a4c47d0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a60936eaa4ebcbf19e2d53708ae96fc046dcf95fe11bff45442d4c28c99a4735
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a90207f249eab38f51b4ecd6f0d71a611b111d8fa5576205620c9b07f865a11a
a973354e9b4d8b7b718615443d6d82ec73c057c6ecc5421fd256e3cc79d61819
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25f4b3fdb45046ad67c4d568fec24aa4e4395fb80cb75688ac8988c7828784b
b3b4711ab05c86f88101b6253b558863a0e475398abd71a5be88799ffde2ae8e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4c52d065f54f30b3944ed6d83d97e3eec06f305c9ecaab134ff7ee6170077c8
b79352c309e81605adb0327eda4adc44a8526845e565b49682542ea4db53feaa
b91045478de9f68c16d526766a3a783d5f5e191a149da617881625883f1824da
b98949b20dd291b4ee937f705c57da64e392047cd4aa0d1e68cc4dfd774c40b3
ba889554944d5cf767de8d6c1f22a3147554ecc0f1f5f01815f0bc8d59dd020f
bae58ed68eae068bb7f7ab5fe9f8b1c48e81c60252cf0a650ceec7a9da670ca8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb396f1b070a0d39f645a4b47b5aa2c72e98f35a5903760fa90cf9fab6a659e8
bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca
bf72ef4a78503597c7cec77730a8a7be3235d50790444cbdf41bf47d7a599785
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c36b342dc5dfa81113b4d5f2595c36433b03d12abbb60d7b13b19df1ec03649f
c4710d2d86157e62fa6527c9a689b0130c0798dd3e163cb993ffd90af9e42ab8
c4d44d81e7d14e8f94205363f8a44c71161f78af8ade9d5db6b9d5fb6a43c9c7
c6ae5f8b98ce1e3d1bebfbcafa09505150fed31556d4afd9aa25ce07062a1449
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df
c9fcabd6766d79a49d07a82461fed0b6e2a9bde6bd066d5107c4aabc9a7cbf36
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
ce902998227a14b3b643152620abed0787f2bdf7919482271c84476043ced3a6
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0c9812c13dea4688abc43636974163b04881ca1faa771dba635ea7fa160f5f2
d3aff6b5aee10df68949c4c462537d872a5ba2bfc3ae88b65b3114a43b745e78
d43431d1328d7247adb0c92cde735d0c3267848151ed0efae2b39047e6c5e143
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d858e75f5a2828ab957722c99898bd7fa251bfdcbf7ce2385317d893adad7423
d9d44c3bcf6b292c5658d4db0826cf1448c66f1a82ef89fb6f69e56d4577243c
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
dc15b783b425ce87900c4c31cfcf9fe6c096d1a0634208d99024c40064d31b14
dc64567aaff7a39ca8a68eef15bcf701c4758749bebc51dd626b82130bd71285
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddee33ff05fc11855cc9cc93da0cb84c6f86dacb7f307c98aadafadcf59486d9
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df70f2306a38c6fb600b5e3cee8f455c276a80bc1b26c65dee42c6fed844b46d
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b880d02548134c2dd63b551c0f101a77d75b8c254a9ca9f6d940d4216a9d09
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6ac4e12a751b99eaa10456c87ae78888aeac9d3cb212f00aa8f87ad28328ae1
e83fa5597761d271429ccc2db223e5a3f5eae0f0c6d7009dba83a5d9e667608d
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ecddff71efbd9fc40b0c228c1e9821ef43fca86157672d0918e37d15b22885b8
ee2407419a39139d1fead2c9dcc35575f2ac43f7ff9c39734581c7f798ccc09d
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f242f280a342b863b71dc67408bcdde0ce2dcf2d02e9dfa8500605dc26a06ed9
f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb
f343745d4f6a50ca10fcab1844a3982c05897df32c72b0a9643bd01da4550e8d
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
f6b74c229aa6bbdfcb4b4e9894bf476586cc59f7bdc7f0564fe7a1199b356a6b
f777b70b306d0091e19d2f0500fee8609589088a3b85cf4997ebbd02da355349
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2
fb4c5ff4f54c6b47da6d9a932a893d4b39b6b2b7f9c66d0192ce3b9e8b6a8b33
fd241ff93ad738963d4edc9838e8e3054839a981a6906f26f39dcb27cde4bef9
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76