urlscan.io logo urlscan.io
SecurityTrails logo

arvan.arv1.arv1.vai2app.site Open in urlscan Pro
185.143.233.120  Public Scan

Go To Rescan Add Verdict Report
URL: https://arvan.arv1.arv1.vai2app.site/
Submission: On January 12 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 80 IPs in 2 countries across 82 domains to perform 354 HTTP transactions. The main IP is 185.143.233.120, located in Iran, Islamic Republic Of and belongs to ARVANCLOUD-CDN-, IR. The main domain is arvan.arv1.arv1.vai2app.site.
TLS certificate: Issued by R3 on January 10th 2024. Valid for: 3 months.
This is the only time arvan.arv1.arv1.vai2app.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 185.143.233.120 205585 (ARVANCLOU...)
24 151.101.193.132 54113 (FASTLY)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
18 107.22.100.252 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... ()
1 2 2620:100:a001::c ()
1 34.120.155.137 ()
6 8 15.197.193.217 ()
2 74.119.119.139 ()
1 2 35.244.193.51 ()
3 52.85.249.178 ()
2 4 108.139.47.108 ()
1 34.102.146.192 ()
1 35.241.45.217 ()
1 18.160.249.17 ()
1 35.174.121.50 ()
5 13 104.18.36.155 ()
2 104.36.115.111 ()
2 69.173.151.96 ()
4 2602:803:c002... ()
2 54.87.155.248 ()
1 34.204.123.217 ()
1 18.160.10.20 ()
2 108.156.97.238 ()
1 2 34.120.107.143 ()
35 2607:f8b0:400... ()
5 2607:f8b0:400... ()
1 23.4.232.54 ()
1 35.170.42.58 ()
4 23.62.164.208 ()
3 3 198.148.27.131 ()
1 151.101.1.108 ()
4 15 35.244.159.8 ()
2 2 23.205.2.235 ()
5 23.50.125.215 ()
2 3.231.141.229 ()
1 1 44.195.244.24 ()
1 3 52.223.22.214 ()
1 1 23.50.124.22 ()
1 1 172.240.155.76 ()
1 1 107.21.19.202 ()
7 11 68.67.160.114 ()
6 6 35.211.178.172 ()
1 192.132.33.68 ()
5 6 3.225.218.10 ()
2 3.208.244.62 ()
19 2607:f8b0:400... ()
1 8.28.7.81 ()
13 52.207.45.55 ()
1 1 35.211.118.13 ()
5 8 34.111.113.62 ()
1 1 54.146.35.99 ()
2 4 2600:1f18:4e9... ()
3 3 52.86.74.151 ()
1 38.91.45.7 ()
2 2 50.31.142.223 ()
2 2 23.83.76.39 ()
2 2 35.244.154.8 ()
1 1 107.178.254.65 ()
2 4 2620:1ec:21::14 ()
1 1 2620:112:f002... ()
2 2 151.101.66.49 ()
3 7 52.46.155.104 ()
18 43 142.251.111.154 ()
2 2 185.167.164.49 ()
1 1 54.89.198.103 ()
2 3 35.186.253.211 ()
2 2 207.198.113.90 ()
1 1 211.120.53.200 ()
2 2 185.184.8.90 ()
1 2607:f8b0:400... ()
4 2607:f8b0:400... ()
4 2607:f8b0:400... ()
2 2 173.231.178.77 ()
7 8.28.7.83 ()
7 7 52.87.108.188 ()
1 2 23.83.76.58 ()
1 1 2603:c020:400... ()
1 40.76.134.238 ()
1 1 35.194.66.159 ()
2 162.248.18.34 ()
13 20 69.173.151.100 ()
1 2 34.195.158.204 ()
11 2607:f8b0:400... ()
6 172.253.63.149 ()
3 44.213.108.162 ()
1 1 8.43.72.97 ()
1 52.95.125.22 ()
1 1 2600:9000:201... ()
1 1 2600:9000:234... ()
1 108.156.120.36 ()
1 2 104.18.41.104 ()
1 23.40.62.72 ()
1 2 63.251.86.51 ()
1 2 23.62.165.62 ()
1 2600:1f18:612... ()
1 1 172.105.235.90 ()
1 1 174.137.133.49 ()
2 2 63.251.86.49 ()
2 2 2600:9000:203... ()
2 2 20.127.253.7 ()
2 2 162.19.138.118 ()
1 2620:116:800b... ()
1 1 38.98.69.175 ()
1 1 20.253.86.149 ()
1 3.215.126.7 ()
1 1 3.228.188.124 ()
3 172.253.62.157 ()
1 74.119.119.150 ()
1 1 199.38.167.130 ()
1 1 82.145.213.8 ()
2 3 2a02:6b8::90 ()
1 1 20.121.97.20 ()
4 2600:9000:261... ()
4 2600:1f13:800... ()
354 80
3    185.143.233.120 (Iran, Islamic Republic Of)

ASN205585 (ARVANCLOUD-CDN-, IR)
arvan.arv1.arv1.vai2app.site
24    151.101.193.132 (United States)

ASN54113 (FASTLY, US)
scripts.pubnation.com
keywords.pubnation.com
24    2606:4700:20::681a:1fa (United States)

ASN13335 (CLOUDFLARENET, US)
quotefancy.com
5    2607:f8b0:4004:c1d::9c (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
2    2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
18    107.22.100.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-100-252.compute-1.amazonaws.com
exchange.pubnation.com
3    2607:f8b0:4004:c17::64 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:3037::6815:2963 (None, )

ASN- ()
sda.fyi
2    2620:100:a001::c (None, )

ASN- ()
gum.criteo.com
1    34.120.155.137 (None, )

ASN- ()
api.rlcdn.com
8    15.197.193.217 (None, )

ASN- ()
match.adsrvr.org
2    74.119.119.139 (None, )

ASN- ()
mug.criteo.com
2    35.244.193.51 (None, )

ASN- ()
lexicon.33across.com
3    52.85.249.178 (None, )

ASN- ()
c.amazon-adsystem.com
4    108.139.47.108 (None, )

ASN- ()
sb.scorecardresearch.com
1    34.102.146.192 (None, )

ASN- ()
oa.openxcdn.net
1    35.241.45.217 (None, )

ASN- ()
pghub.io
1    18.160.249.17 (None, )

ASN- ()
cdn.opecloud.com
1    35.174.121.50 (None, )

ASN- ()
exchange.mediavine.com
13    104.18.36.155 (None, )

ASN- ()
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    104.36.115.111 (None, )

ASN- ()
hbopenbid.pubmatic.com
2    69.173.151.96 (None, )

ASN- ()
prebid-server.rubiconproject.com
4    2602:803:c002:200::32 (None, )

ASN- ()
fastlane.rubiconproject.com
2    54.87.155.248 (None, )

ASN- ()
tlx.3lift.com
1    34.204.123.217 (None, )

ASN- ()
pdmp.tagger.opecloud.com
1    18.160.10.20 (None, )

ASN- ()
config.aps.amazon-adsystem.com
2    108.156.97.238 (None, )

ASN- ()
aax.amazon-adsystem.com
2    34.120.107.143 (None, )

ASN- ()
oajs.openx.net
35    2607:f8b0:4004:c17::9a (None, )

ASN- ()
pagead2.googlesyndication.com
googleads.g.doubleclick.net
5    2607:f8b0:4004:c1f::84 (None, )

ASN- ()
3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
1    23.4.232.54 (None, )

ASN- ()
secure.cdn.fastclick.net
1    35.170.42.58 (None, )

ASN- ()
pdmp.profiles.tagger.opecloud.com
4    23.62.164.208 (None, )

ASN- ()
ads.pubmatic.com
3    198.148.27.131 (None, )

ASN- ()
bh.contextweb.com
1    151.101.1.108 (None, )

ASN- ()
acdn.adnxs.com
15    35.244.159.8 (None, )

ASN- ()
u.openx.net
google-bidout-d.openx.net
us-u.openx.net
2    23.205.2.235 (None, )

ASN- ()
secure-assets.rubiconproject.com
5    23.50.125.215 (None, )

ASN- ()
eus.rubiconproject.com
2    3.231.141.229 (None, )

ASN- ()
rtb.gumgum.com
1    44.195.244.24 (None, )

ASN- ()
ads.yieldmo.com
3    52.223.22.214 (None, )

ASN- ()
eb2.3lift.com
1    23.50.124.22 (None, )

ASN- ()
contextual.media.net
1    172.240.155.76 (None, )

ASN- ()
sync.colossusssp.com
1    107.21.19.202 (None, )

ASN- ()
jadserve.postrelease.com
11    68.67.160.114 (None, )

ASN- ()
secure.adnxs.com
ib.adnxs.com
6    35.211.178.172 (None, )

ASN- ()
x.bidswitch.net
1    192.132.33.68 (None, )

ASN- ()
bttrack.com
6    3.225.218.10 (None, )

ASN- ()
ups.analytics.yahoo.com
2    3.208.244.62 (None, )

ASN- ()
ice.360yield.com
match.360yield.com
19    2607:f8b0:4004:c0b::84 (None, )

ASN- ()
tpc.googlesyndication.com
1    8.28.7.81 (None, )

ASN- ()
image6.pubmatic.com
13    52.207.45.55 (None, )

ASN- ()
usersync.gumgum.com
1    35.211.118.13 (None, )

ASN- ()
r.bidswitch.net
8    34.111.113.62 (None, )

ASN- ()
pixel.tapad.com
1    54.146.35.99 (None, )

ASN- ()
sync.srv.stackadapt.com
4    2600:1f18:4e9:5a05:65dd:568a:ef48:8f07 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
3    52.86.74.151 (None, )

ASN- ()
sync.ipredictive.com
1    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
2    50.31.142.223 (None, )

ASN- ()
b1sync.zemanta.com
2    23.83.76.39 (None, )

ASN- ()
ssbsync.smartadserver.com
2    35.244.154.8 (None, )

ASN- ()
id.rlcdn.com
1    107.178.254.65 (None, )

ASN- ()
pippio.com
4    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
1    2620:112:f002:bbbb::21 (None, )

ASN- ()
ad.turn.com
2    151.101.66.49 (None, )

ASN- ()
sync-tm.everesttech.net
7    52.46.155.104 (None, )

ASN- ()
s.amazon-adsystem.com
43    142.251.111.154 (None, )

ASN- ()
cm.g.doubleclick.net
2    185.167.164.49 (None, )

ASN- ()
c1.adform.net
1    54.89.198.103 (None, )

ASN- ()
aorta.clickagy.com
3    35.186.253.211 (None, )

ASN- ()
rtb.openx.net
2    207.198.113.90 (None, )

ASN- ()
pixel-sync.sitescout.com
1    211.120.53.200 (None, )

ASN- ()
tg.socdm.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    2607:f8b0:4004:c17::9c (None, )

ASN- ()
googleads.g.doubleclick.net
4    2607:f8b0:4004:c08::9c (None, )

ASN- ()
www.googletagservices.com
4    2607:f8b0:4004:c06::63 (None, )

ASN- ()
www.google.com
2    173.231.178.77 (None, )

ASN- ()
cm.adgrx.com
7    8.28.7.83 (None, )

ASN- ()
simage2.pubmatic.com
image2.pubmatic.com
7    52.87.108.188 (None, )

ASN- ()
match.prod.bidr.io
2    23.83.76.58 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    2603:c020:400d:3000:67b7:1059:7283:c690 (None, )

ASN- ()
sync.technoratimedia.com
1    40.76.134.238 (None, )

ASN- ()
us01.z.antigena.com
1    35.194.66.159 (None, )

ASN- ()
um.simpli.fi
2    162.248.18.34 (None, )

ASN- ()
image4.pubmatic.com
simage4.pubmatic.com
20    69.173.151.100 (None, )

ASN- ()
token.rubiconproject.com
pixel.rubiconproject.com
2    34.195.158.204 (None, )

ASN- ()
fw.adsafeprotected.com
11    2607:f8b0:4004:c08::94 (None, )

ASN- ()
s0.2mdn.net
6    172.253.63.149 (None, )

ASN- ()
ad.doubleclick.net
3    44.213.108.162 (None, )

ASN- ()
s.cdnsynd.com
1    8.43.72.97 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
1    52.95.125.22 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    2600:9000:201e:9c00:1a:5235:f980:93a1 (None, )

ASN- ()
live.primis.tech
1    2600:9000:234f:1600:1b:6b7d:2300:93a1 (None, )

ASN- ()
sync.intentiq.com
1    108.156.120.36 (None, )

ASN- ()
sync1.intentiq.com
2    104.18.41.104 (None, )

ASN- ()
capi.connatix.com
1    23.40.62.72 (None, )

ASN- ()
hb.yahoo.net
2    63.251.86.51 (None, )

ASN- ()
ce.lijit.com
2    23.62.165.62 (None, )

ASN- ()
sync.teads.tv
1    2600:1f18:612b:4280:4704:4c85:9700:4b40 (None, )

ASN- ()
partners.tremorhub.com
1    172.105.235.90 (None, )

ASN- ()
a.c.appier.net
1    174.137.133.49 (None, )

ASN- ()
dsp.adkernel.com
2    63.251.86.49 (None, )

ASN- ()
ap.lijit.com
2    2600:9000:203a:e800:1b:5138:8a40:93a1 (None, )

ASN- ()
s.ad.smaato.net
2    20.127.253.7 (None, )

ASN- ()
sync.inmobi.com
2    162.19.138.118 (None, )

ASN- ()
id5-sync.com
1    2620:116:800b:21:f059:4f7e:28a9:1588 (None, )

ASN- ()
cms.quantserve.com
1    38.98.69.175 (None, )

ASN- ()
aep.mxptint.net
1    20.253.86.149 (None, )

ASN- ()
mweb.ck.inmobi.com
1    3.215.126.7 (None, )

ASN- ()
match.sharethrough.com
1    3.228.188.124 (None, )

ASN- ()
cc.adingo.jp
3    172.253.62.157 (None, )

ASN- ()
googleads4.g.doubleclick.net
1    74.119.119.150 (None, )

ASN- ()
dis.criteo.com
1    199.38.167.130 (None, )

ASN- ()
a.rfihub.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
3    2a02:6b8::90 (None, )

ASN- ()
an.yandex.ru
1    20.121.97.20 (None, )

ASN- ()
www.temu.com
4    2600:9000:2616:3a00:8:48e:53c0:93a1 (None, )

ASN- ()
static.adsafeprotected.com
4    2600:1f13:800:7781:e384:83b1:2e4:8c72 (None, )

ASN- ()
dt.adsafeprotected.com
Apex Domain
Subdomains		 Transfer
62 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
cm.g.doubleclick.net
googleads.g.doubleclick.net
ad.doubleclick.net
googleads4.g.doubleclick.net
311 KB
55 googlesyndication.com
pagead2.googlesyndication.com
3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
tpc.googlesyndication.com
354 KB
42 pubnation.com
scripts.pubnation.com — Cisco Umbrella Rank: 47947
exchange.pubnation.com — Cisco Umbrella Rank: 47711
keywords.pubnation.com — Cisco Umbrella Rank: 56829
319 KB
34 rubiconproject.com
prebid-server.rubiconproject.com
fastlane.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
48 KB
24 quotefancy.com
quotefancy.com — Cisco Umbrella Rank: 258767
587 KB
20 openx.net
oajs.openx.net
u.openx.net
google-bidout-d.openx.net
us-u.openx.net
rtb.openx.net
4 KB
16 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
33 KB
15 gumgum.com
rtb.gumgum.com
usersync.gumgum.com
5 KB
14 amazon-adsystem.com
c.amazon-adsystem.com
config.aps.amazon-adsystem.com
aax.amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
82 KB
13 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8 KB
12 adnxs.com
acdn.adnxs.com
secure.adnxs.com
ib.adnxs.com
27 KB
11 2mdn.net
s0.2mdn.net
393 KB
10 adsafeprotected.com
fw.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
116 KB
10 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
4 KB
8 tapad.com
pixel.tapad.com
pandg.tapad.com Failed
2 KB
8 adsrvr.org
match.adsrvr.org
3 KB
7 bidr.io
match.prod.bidr.io
4 KB
7 bidswitch.net
x.bidswitch.net
r.bidswitch.net
4 KB
5 3lift.com
tlx.3lift.com
eb2.3lift.com
2 KB
5 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
2 KB
4 lijit.com
ce.lijit.com
ap.lijit.com
2 KB
4 google.com
www.google.com
1 KB
4 googletagservices.com
www.googletagservices.com
260 KB
4 linkedin.com
px.ads.linkedin.com
1 KB
4 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
2 KB
4 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 yandex.ru
an.yandex.ru
978 B
3 inmobi.com
sync.inmobi.com
mweb.ck.inmobi.com
2 KB
3 cdnsynd.com
s.cdnsynd.com
192 B
3 ipredictive.com
sync.ipredictive.com
1 KB
3 contextweb.com
bh.contextweb.com
3 KB
3 opecloud.com
cdn.opecloud.com
pdmp.tagger.opecloud.com
pdmp.profiles.tagger.opecloud.com
13 KB
3 rlcdn.com
api.rlcdn.com
id.rlcdn.com
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
3 vai2app.site
arvan.arv1.arv1.vai2app.site
96 KB
2 id5-sync.com
id5-sync.com
3 KB
2 smaato.net
s.ad.smaato.net
939 B
2 teads.tv
sync.teads.tv
628 B
2 connatix.com
capi.connatix.com
522 B
2 intentiq.com
sync.intentiq.com
sync1.intentiq.com
2 KB
2 adgrx.com
cm.adgrx.com
1011 B
2 creativecdn.com
creativecdn.com
883 B
2 sitescout.com
pixel-sync.sitescout.com
868 B
2 adform.net
c1.adform.net
1 KB
2 everesttech.net
sync-tm.everesttech.net
622 B
2 zemanta.com
b1sync.zemanta.com
1 KB
2 360yield.com
ice.360yield.com
match.360yield.com
397 B
2 33across.com
lexicon.33across.com
618 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
148 KB
2 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 8446
83 KB
1 temu.com
www.temu.com
514 B
1 opera.com
t.adx.opera.com
673 B
1 rfihub.com
a.rfihub.com
1 KB
1 adingo.jp
cc.adingo.jp
421 B
1 sharethrough.com
match.sharethrough.com
280 B
1 mxptint.net
aep.mxptint.net
729 B
1 quantserve.com
cms.quantserve.com
463 B
1 adkernel.com
dsp.adkernel.com
542 B
1 appier.net
a.c.appier.net
599 B
1 tremorhub.com
partners.tremorhub.com
175 B
1 yahoo.net
hb.yahoo.net
650 B
1 primis.tech
live.primis.tech
557 B
1 simpli.fi
um.simpli.fi
659 B
1 antigena.com
us01.z.antigena.com
1 technoratimedia.com
sync.technoratimedia.com
4 KB
1 socdm.com
tg.socdm.com
831 B
1 clickagy.com
aorta.clickagy.com
652 B
1 turn.com
ad.turn.com
441 B
1 pippio.com
pippio.com
633 B
1 deepintent.com
match.deepintent.com
338 B
1 stackadapt.com
sync.srv.stackadapt.com
1 KB
1 bttrack.com
bttrack.com
306 B
1 postrelease.com
jadserve.postrelease.com
592 B
1 colossusssp.com
sync.colossusssp.com
741 B
1 media.net
contextual.media.net
701 B
1 yieldmo.com
ads.yieldmo.com
580 B
1 fastclick.net
secure.cdn.fastclick.net
17 KB
1 mediavine.com
exchange.mediavine.com
1 KB
1 pghub.io
pghub.io
5 KB
1 openxcdn.net
oa.openxcdn.net
8 KB
1 sda.fyi
sda.fyi
608 B
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
354 82
Domain Requested by
43 cm.g.doubleclick.net 18 redirects u.openx.net
rtb.gumgum.com
googleads.g.doubleclick.net
3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
eb2.3lift.com
31 pagead2.googlesyndication.com securepubads.g.doubleclick.net
3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
arvan.arv1.arv1.vai2app.site
www.googletagservices.com
24 quotefancy.com arvan.arv1.arv1.vai2app.site
23 scripts.pubnation.com arvan.arv1.arv1.vai2app.site
scripts.pubnation.com
exchange.pubnation.com
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
tpc.googlesyndication.com
arvan.arv1.arv1.vai2app.site
18 exchange.pubnation.com scripts.pubnation.com
exchange.pubnation.com
rtb.gumgum.com
u.openx.net
ads.pubmatic.com
13 usersync.gumgum.com rtb.gumgum.com
eus.rubiconproject.com
12 pixel.rubiconproject.com 7 redirects
12 us-u.openx.net 3 redirects u.openx.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
11 s0.2mdn.net arvan.arv1.arv1.vai2app.site
3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
s0.2mdn.net
8 token.rubiconproject.com 6 redirects eus.rubiconproject.com
8 pixel.tapad.com 5 redirects google-bidout-d.openx.net
ads.pubmatic.com
8 ib.adnxs.com 4 redirects acdn.adnxs.com
googleads.g.doubleclick.net
eb2.3lift.com
8 match.adsrvr.org 6 redirects scripts.pubnation.com
eb2.3lift.com
7 match.prod.bidr.io 7 redirects
7 s.amazon-adsystem.com 3 redirects u.openx.net
ads.pubmatic.com
6 ad.doubleclick.net arvan.arv1.arv1.vai2app.site
6 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
6 ups.analytics.yahoo.com 5 redirects u.openx.net
6 x.bidswitch.net 6 redirects eb2.3lift.com
5 googleads.g.doubleclick.net 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
pagead2.googlesyndication.com
5 eus.rubiconproject.com exchange.pubnation.com
rtb.gumgum.com
eus.rubiconproject.com
scripts.pubnation.com
5 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 securepubads.g.doubleclick.net scripts.pubnation.com
securepubads.g.doubleclick.net
4 dt.adsafeprotected.com 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
4 static.adsafeprotected.com 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
srcdoc
4 image2.pubmatic.com ads.pubmatic.com
4 www.google.com tpc.googlesyndication.com
3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
4 www.googletagservices.com 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
4 px.ads.linkedin.com 2 redirects u.openx.net
eb2.3lift.com
4 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
ads.pubmatic.com
eb2.3lift.com
4 ads.pubmatic.com exchange.pubnation.com
rtb.gumgum.com
ads.pubmatic.com
scripts.pubnation.com
4 fastlane.rubiconproject.com scripts.pubnation.com
4 htlb.casalemedia.com scripts.pubnation.com
4 sb.scorecardresearch.com 2 redirects
3 an.yandex.ru 2 redirects
3 googleads4.g.doubleclick.net arvan.arv1.arv1.vai2app.site
3 s.cdnsynd.com arvan.arv1.arv1.vai2app.site
3 simage2.pubmatic.com ads.pubmatic.com
3 rtb.openx.net 2 redirects google-bidout-d.openx.net
3 sync.ipredictive.com 3 redirects
3 secure.adnxs.com 3 redirects
3 ssum-sec.casalemedia.com 3 redirects
3 eb2.3lift.com 1 redirects ads.pubmatic.com
scripts.pubnation.com
eb2.3lift.com
3 bh.contextweb.com 3 redirects
3 c.amazon-adsystem.com scripts.pubnation.com
c.amazon-adsystem.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 arvan.arv1.arv1.vai2app.site quotefancy.com
arvan.arv1.arv1.vai2app.site
2 id5-sync.com 2 redirects
2 sync.inmobi.com 2 redirects
2 s.ad.smaato.net 2 redirects
2 ap.lijit.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 ce.lijit.com 1 redirects
2 capi.connatix.com 1 redirects
2 fw.adsafeprotected.com 1 redirects arvan.arv1.arv1.vai2app.site
2 rtb-csync.smartadserver.com 1 redirects 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
2 cm.adgrx.com 2 redirects
2 creativecdn.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 c1.adform.net 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 id.rlcdn.com 2 redirects
2 ssbsync.smartadserver.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 rtb.gumgum.com exchange.pubnation.com
rtb.gumgum.com
2 secure-assets.rubiconproject.com 2 redirects
2 u.openx.net 1 redirects exchange.pubnation.com
2 oajs.openx.net 1 redirects
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 tlx.3lift.com scripts.pubnation.com
2 prebid-server.rubiconproject.com scripts.pubnation.com
2 hbopenbid.pubmatic.com scripts.pubnation.com
2 lexicon.33across.com 1 redirects
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 www.googletagmanager.com arvan.arv1.arv1.vai2app.site
www.googletagmanager.com
2 netdna.bootstrapcdn.com arvan.arv1.arv1.vai2app.site
netdna.bootstrapcdn.com
1 simage4.pubmatic.com ads.pubmatic.com
1 www.temu.com 1 redirects
1 t.adx.opera.com 1 redirects
1 a.rfihub.com 1 redirects
1 dis.criteo.com 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
eb2.3lift.com
1 cc.adingo.jp 1 redirects
1 match.360yield.com 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
1 match.sharethrough.com 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
1 mweb.ck.inmobi.com 1 redirects
1 aep.mxptint.net 1 redirects
1 cms.quantserve.com 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
1 dsp.adkernel.com 1 redirects
1 a.c.appier.net 1 redirects
1 partners.tremorhub.com googleads.g.doubleclick.net
1 hb.yahoo.net
1 sync1.intentiq.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi 1 redirects
1 us01.z.antigena.com ads.pubmatic.com
1 sync.technoratimedia.com 1 redirects
1 tg.socdm.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 ad.turn.com 1 redirects
1 pippio.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.srv.stackadapt.com 1 redirects
1 r.bidswitch.net 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 image6.pubmatic.com ads.pubmatic.com
1 ice.360yield.com
1 bttrack.com
1 jadserve.postrelease.com 1 redirects
1 sync.colossusssp.com 1 redirects
1 contextual.media.net 1 redirects
1 ads.yieldmo.com 1 redirects
1 acdn.adnxs.com exchange.pubnation.com
1 pdmp.profiles.tagger.opecloud.com cdn.opecloud.com
1 secure.cdn.fastclick.net arvan.arv1.arv1.vai2app.site
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 pdmp.tagger.opecloud.com
1 exchange.mediavine.com exchange.pubnation.com
1 cdn.opecloud.com arvan.arv1.arv1.vai2app.site
1 pghub.io scripts.pubnation.com
1 oa.openxcdn.net scripts.pubnation.com
1 api.rlcdn.com scripts.pubnation.com
1 sda.fyi scripts.pubnation.com
1 keywords.pubnation.com scripts.pubnation.com
0 pandg.tapad.com Failed pghub.io
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
354 131

This site contains links to these domains. Also see Links.

Domain
quotefancy.com
Subject Issuer Validity Valid
vai2app.site
R3		 2024-01-10 -
2024-04-09		 3 months crt.sh
*.pubnation.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2024-01-04 -
2025-02-04		 a year crt.sh
quotefancy.com
Cloudflare Inc ECC CA-3		 2023-07-19 -
2024-07-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
exchange.pubnation.com
Amazon RSA 2048 M02		 2023-05-29 -
2024-06-27		 a year crt.sh
sda.fyi
GTS CA 1P5		 2023-12-26 -
2024-03-25		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
cdn.opecloud.com
Amazon RSA 2048 M02		 2023-12-16 -
2025-01-12		 a year crt.sh
exchange.mediavine.com
Amazon RSA 2048 M01		 2023-04-05 -
2024-05-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.tagger.opecloud.com
Amazon RSA 2048 M03		 2023-08-29 -
2024-09-26		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.profiles.tagger.opecloud.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2023-11-17 -
2024-12-15		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-13		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cdnsynd.com
R3		 2023-11-30 -
2024-02-28		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh

This page contains 54 frames:

Primary Page: https://arvan.arv1.arv1.vai2app.site/
Frame ID: 93C4E62CB8453AAAC58BA8F3C734D42C
Requests: 113 HTTP requests in this frame

Frame: https://scripts.pubnation.com/sync/check
Frame ID: E49E8E6D74DF45D6B9AA3808C7354033
Requests: 1 HTTP requests in this frame

Frame: https://exchange.mediavine.com/usersync/sync?origin=https://arvan.arv1.arv1.vai2app.site&src=https://exchange.mediavine.com&s2sVersion=production&gdpr=0&us_privacy=1---&gppString=DBABzw~1---~BqgAAAAAAgA&p=%7B%7D
Frame ID: 494314858FEFA2B39B6A23656E8D417A
Requests: 1 HTTP requests in this frame

Frame: https://exchange.pubnation.com/usersync/sync?origin=https://arvan.arv1.arv1.vai2app.site&src=//exchange.pubnation.com&s2sVersion=production&mv_uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&version=invalidate-verizon-pushes&gdpr=0&us_privacy=1---&gppString=DBABzw~1---~BqgAAAAAAgA&p=%7B%22appnexus%22%3Atrue%2C%22gumgum%22%3Atrue%2C%22huddled_masses%22%3Atrue%2C%22indexExchange%22%3Atrue%2C%22mediadotnet%22%3Atrue%2C%22mediagrid%22%3Atrue%2C%22nativo%22%3Atrue%2C%22openx%22%3Atrue%2C%22pubmatic%22%3Atrue%2C%22pulsepoint%22%3Atrue%2C%22rubicon%22%3Atrue%2C%22triplelift%22%3Atrue%2C%22verizon%22%3Atrue%2C%22yieldmo%22%3Atrue%7D
Frame ID: C709179B7D121CC8D342817AA0C9C4CA
Requests: 1 HTTP requests in this frame

Frame: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 266AAA57EC1C17E1B23F628B6D4AF6AE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Frame ID: 9B63917C9A1A0E4A1CA1C7BFA98CA357
Requests: 14 HTTP requests in this frame

Frame: https://exchange.pubnation.com/usersync/redirect?partner=pulsepoint&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=SQ7VaPKApf5j&ev=dd2574a0-b155-11ee-8571-813a2ca4bdfa&pid=562728
Frame ID: 7EFD58F7667DB1A91C0C34A406A4D6B8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 56B2EC2D584DC1336905094FA4022E91
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
Frame ID: 86F5A4BB3AE407BE943BED13648111C4
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pubnation&endpoint=us-east
Frame ID: 4AA8B41EA4E677D220DB78A29469F2BC
Requests: 20 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Frame ID: A16695A497503D012BDB5AE47B942A34
Requests: 12 HTTP requests in this frame

Frame: https://exchange.pubnation.com/usersync/redirect?partner=yieldmo&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=VEzYkGcQQYcwA8NMH3W0&gdpr=&gdpr_consent=&us_privacy=1---
Frame ID: 20F5F4623282B4B622E32D743E3AD499
Requests: 1 HTTP requests in this frame

Frame: https://exchange.pubnation.com/usersync/redirect?partner=triplelift&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=4117923867202039094483
Frame ID: FA656B5844D9FC30A0B135DEBF60F441
Requests: 1 HTTP requests in this frame

Frame: https://exchange.pubnation.com/usersync/redirect?partner=indexExchange&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=ZaFK5Nv31rY90DfpRZT2bAAA%265569
Frame ID: A045BAECEAEC45C756AE85FB21EFD85E
Requests: 1 HTTP requests in this frame

Frame: https://exchange.pubnation.com/usersync/redirect?partner=mediadotnet&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=3480708841523799000V10
Frame ID: D00C42FD429E478B3BA6E0151CA22D52
Requests: 1 HTTP requests in this frame

Frame: https://exchange.pubnation.com/usersync/redirect?partner=huddled_masses&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=07ae1cef-b5e8-41f0-879e-a378f259d97b
Frame ID: 7CD5B8CA7E4A770D3966C9ED17CD33A3
Requests: 1 HTTP requests in this frame

Frame: https://exchange.pubnation.com/usersync/redirect?partner=nativo&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=e7ade0f5-7c8b-4e53-bc97-b93631c89096
Frame ID: 5C9451FBF43082472FDECBEFD0D4BECF
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 4F6ADFC7560C570E826FE4955C099402
Requests: 6 HTTP requests in this frame

Frame: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5912529420D0FFA3D0094813392AAE51
Requests: 24 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=1153590972671537316&gdpr=&gdpr_consent=
Frame ID: A30448DD659FD1892F5091F42D971A64
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83ODRlMjc5NS0wYjYwLTRjOTItYTVhYS0xODBlZTkwMDFmYTc=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 1E064338466CD99C0E99E5F43C6B2610
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: FA73857E15CB5332F505AF2F7EB0DEA0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=70451e3f-8576-44e3-b479-ae4858a3ebcb
Frame ID: 929352A985C9197AED70129D35E599BE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZaFK5cCo5sMAALTC2e0AAAAA
Frame ID: 539B3F21AFBC2AC58DC7DACBF85984DE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=vbKPo6BZzg43kT8Uf3YS5UeqoimMo025DM5gfrcAftI&pi=gumgum&tc=1
Frame ID: 2816A9909101FF3CF0EF3091A013E258
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 3729E6E0B8760623ADA9933B365286F4
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxit_fyAAjAB&v=APEucNUhMBEL2hU2KGl8o517QWLdm6LGky_7VQHY2PM7QEVuyzysuKSM4lNph8KBwyOqHtFTMqAUQyA5tkaqKQ3VD6hrtAX8Qg
Frame ID: 94130A40DB8CFAF04424C38D573552D2
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D3D839480341529449F5AB36E5CFA131
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3F5D8A32F3D3849572CAA2CDB708CFD
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=8CDE2E07-4406-4518-912F-270386807B48&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 613F2DB36B29A1C3B8C68C3939A2DB51
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=dde168c2-b155-11ee-9877-b7874cadc6e0
Frame ID: 9669D9A194DCD28F00F1A5914DD150B6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADiEE7LQpYAABWw-wqvvQ&gdpr=0
Frame ID: CD315645431A09C6A67A579715BBBF48
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3856803846468436779&gdpr=0&gdpr_consent=
Frame ID: ABD8A001DC04E26C0F1E730B52FAB007
Requests: 1 HTTP requests in this frame

Frame: https://exchange.pubnation.com/usersync/redirect?partner=pubmatic&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=8CDE2E07-4406-4518-912F-270386807B48
Frame ID: AC8D388FF77DE26B38AAB2F283D84C5F
Requests: 1 HTTP requests in this frame

Frame: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 35F0CFA2D514C7B6683864EB20DDD67E
Requests: 14 HTTP requests in this frame

Frame: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DE74FCB218A50F0978AE03E710624A22
Requests: 14 HTTP requests in this frame

Frame: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C0AA8AC8CEE2C130F52B7911DB565F29
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEY05y7_AEwAQ&v=APEucNXC7w7IpMZJMe3sgTT92TqLgjrPmAuaEZfJ3tSRSTQ2rQHakTH-NAo3DoUZot4JFX1GgFR4lP0dGy6nBEctXOMY6X5PRg
Frame ID: 99E38966FD6C7B5F623ADFB292252A5F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F8E8AC07620529E538726A410F6C366
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEYzLvm_AEwAQ&v=APEucNU7zO8fQO8WIDD_r6jnMqXr_P8k_6hK7fun4atxVFGs4RfrriQOv3x5xhFeZlVpLFy5OvtBSHfCHpaaMZpLEl1hSHBk0Q
Frame ID: 4D5A31C26381E63449D08D7357BA880E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CF9F7E61E3A018D2CEE9545A30AE8C85
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEYzLvm_AEwAQ&v=APEucNVxWOqLViteml560Q34hS4y4BI8k-4tYJo6-yDwoHAV49Jhk1aIZ59mVjq9z34YqCA8CvugHdpWxNc3iFxq5qV_DuwrNQ
Frame ID: E6D395BBEE4E2E5B6F141E24B56C10F0
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 39E16B26AAEBFD294CB8D1D99E0D674C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 10769B088C7B71B92643EBCA488CE144
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1D380119BFA5B22E5327DE893AB27BED
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8693F75374D39197C864EFEA1522DA21
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: FFD7F5950C57B25A02A4A51A2ADEAC30
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12193516193661502104/index.html?ev=01_250
Frame ID: 2CB12C9CD1D5D1397FFAAE1983DB374D
Requests: 7 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 72EE25E1A8DD0C3B82622799572C0D82
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&owner=P%26G&bp_id=pubnation&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22Hobbies%20%26%20Interests%22%2C%22subcategory%22%3A%22Arts%20%26%20Crafts%22%2C%22liveramp_idl%22%3Anull%7D
Frame ID: 3977348F4743E2A4F4CFD630B98C1A5B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_728x90.js
Frame ID: F3E669071510036F6E98CE5C2CE1BDAD
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&
Frame ID: 1F916E942DF58EB82C5557113215CE59
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162150&us_privacy=1---
Frame ID: 08E9096716A475E495C0D75303697CCD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
Frame ID: F6843AEC4338869A255A3780B26607EB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Inspirational Quotes on Beautiful Wallpapers - QuoteFancy

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

354
Requests

71 %
HTTPS

23 %
IPv6

82
Domains

131
Subdomains

80
IPs

2
Countries

2929 kB
Transfer

6751 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fquotefancy.com%2F&domain=arvan.arv1.arv1.vai2app.site&cw=1&lsw=1&us_privacy=1--- HTTP 302
  • https://mug.criteo.com/sid?cpp=1beyEXw1aVZ5Mzl6UWRoZENSSEtNZXorWWpYN0ZiREh2dUpISVFCUk9CNkpMZUdOSS9oYmkrMEQzejJtVTlvbnhHVFp3V1NkUnJhOTFjUS9DU0RBdkVLbzQrL2Urb0xjaCtST1BYOWtXMmtldVM0K2FPdWtJYzk5cjdaZWoxN1ZINThGSDRvaEhzUXlwU3RTeC96QU5QT0FrZ2JLYklDcHZGRGdCRmxTdXF0amp1bXdBMXlMdWQxOUlSczRSM2Nqc1VuYUx0NGhmTW92WkplYlFuVk40ck9HUWpnWDdWYTU0cDFTSDErNmljTFNEcTdmOGE0cHp4dmVod09QWGlOaTRnSy9nb3JYWmF4WWNDMmRUV2xRZWpEZHFNZz09fA&cppv=2
Request Chain 59
  • https://lexicon.33across.com/v1/envelope?pid=0014000000xvEfwAAE&gdpr=0&src=pbjs&ver=8.20.0&coppa=0&us_privacy=1--- HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0014000000xvEfwAAE&gdpr=0&src=pbjs&ver=8.20.0&coppa=0&us_privacy=1---&b=1&g=ZEaHD9PcBjy75lUsnRW99x9O8WboFr7sDUCjcdQC%2BsQ%3D
Request Chain 73
  • https://sb.scorecardresearch.com/cs/27053452/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/27053452/beacon.js
Request Chain 88
  • https://sb.scorecardresearch.com/b?c1=2&c2=27053452&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705069283651&ns_c=UTF-8&c7=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&c8=Inspirational%20Quotes%20on%20Beautiful%20Wallpapers%20-%20QuoteFancy&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=27053452&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705069283651&ns_c=UTF-8&c7=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&c8=Inspirational%20Quotes%20on%20Beautiful%20Wallpapers%20-%20QuoteFancy&c9=
Request Chain 93
  • https://oajs.openx.net/esp?url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&rid=esp&cc=1
Request Chain 110
  • https://bh.contextweb.com/bh/rtset?pid=562728&ev=dd2574a0-b155-11ee-8571-813a2ca4bdfa&rurl=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpulsepoint%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D%25%25VGUID%25%25 HTTP 302
  • https://exchange.pubnation.com/usersync/redirect?partner=pulsepoint&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=SQ7VaPKApf5j&ev=dd2574a0-b155-11ee-8571-813a2ca4bdfa&pid=562728
Request Chain 112
  • https://u.openx.net/w/1.0/cm?id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId= HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
Request Chain 113
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pubnation&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pubnation&endpoint=us-east
Request Chain 115
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dyieldmo%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D%24UID HTTP 302
  • https://exchange.pubnation.com/usersync/redirect?partner=yieldmo&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=VEzYkGcQQYcwA8NMH3W0&gdpr=&gdpr_consent=&us_privacy=1---
Request Chain 116
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dtriplelift%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D%24UID HTTP 302
  • https://exchange.pubnation.com/usersync/redirect?partner=triplelift&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=4117923867202039094483
Request Chain 117
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199830&cb=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3DindexExchange%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3DindexExchange%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D&s=199830&C=1 HTTP 302
  • https://exchange.pubnation.com/usersync/redirect?partner=indexExchange&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=ZaFK5Nv31rY90DfpRZT2bAAA%265569
Request Chain 118
  • https://contextual.media.net/cksync.php?cs=19&type=mdv&ovsid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&us_privacy=1---&redirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dmediadotnet%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D%3Cvsid%3E HTTP 302
  • https://exchange.pubnation.com/usersync/redirect?partner=mediadotnet&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=3480708841523799000V10
Request Chain 119
  • https://sync.colossusssp.com/ortb.gif?redir=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dhuddled_masses%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D%5BUID%5D HTTP 302
  • https://exchange.pubnation.com/usersync/redirect?partner=huddled_masses&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=07ae1cef-b5e8-41f0-879e-a378f259d97b
Request Chain 120
  • https://jadserve.postrelease.com/suid/101960?ntv_r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dnativo%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DNTV_USER_ID HTTP 302
  • https://exchange.pubnation.com/usersync/redirect?partner=nativo&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=e7ade0f5-7c8b-4e53-bc97-b93631c89096
Request Chain 121
  • https://secure.adnxs.com/getuid?https://exchange.pubnation.com/usersync/redirect?partner=appnexus&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dappnexus%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D%24UID HTTP 302
  • https://exchange.pubnation.com/usersync/redirect?partner=appnexus&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=3856803846468436779
Request Chain 122
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dmediagrid%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=1---&user_id=dd2574a0-b155-11ee-8571-813a2ca4bdfa HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dmediagrid%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=1---&user_id=dd2574a0-b155-11ee-8571-813a2ca4bdfa HTTP 302
  • https://exchange.pubnation.com/usersync/redirect?partner=mediagrid&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=ecefce38-80ea-413e-bb6f-a7aa7208bba0
Request Chain 123
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&gdpr_consent=&us_privacy=1---&user_id=dd2574a0-b155-11ee-8571-813a2ca4bdfa HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0&gdpr_consent=&us_privacy=1---&user_id=dd2574a0-b155-11ee-8571-813a2ca4bdfa HTTP 302
  • https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=themediagrid
Request Chain 124
  • https://ups.analytics.yahoo.com/ups/58814/sync?redir=true&gpp_sid=-1&gpp=DBABzw~1---~BqgAAAAAAgA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58814/sync?redir=true&gpp_sid=-1&gpp=DBABzw~1---~BqgAAAAAAgA&verify=true HTTP 302
  • https://exchange.pubnation.com/usersync/redirect?partner=verizon&partnerId=y-0hV_ocRE2uKS.VX90zRpRiYSbL1WheS4~A&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=-1
Request Chain 132
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=3856803846468436779
Request Chain 133
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_784e2795-0b60-4c92-a5aa-180ee9001fa7&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=ecefce38-80ea-413e-bb6f-a7aa7208bba0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=ecefce38-80ea-413e-bb6f-a7aa7208bba0&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dgumgum2%26bsw_param%3Decefce38-80ea-413e-bb6f-a7aa7208bba0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f5cc8976-a193-4c27-9918-e0b494ca0d22%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dgumgum2%252526bsw_param%25253Decefce38-80ea-413e-bb6f-a7aa7208bba0%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=70451e3f-8576-44e3-b479-ae4858a3ebcb&ttd_puid=f5cc8976-a193-4c27-9918-e0b494ca0d22%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dgumgum2%2526bsw_param%253Decefce38-80ea-413e-bb6f-a7aa7208bba0%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=gumgum2&bsw_param=ecefce38-80ea-413e-bb6f-a7aa7208bba0 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=ecefce38-80ea-413e-bb6f-a7aa7208bba0&gdpr=&gdpr_consent=&us_privacy=
Request Chain 134
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=e8c4fa87-9e40-0546-2394-6616c33b4043
Request Chain 135
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69
Request Chain 136
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-.KWGbQ9E2pcMzF.fYHXrPPqYePd.DmTlodJp~A
Request Chain 137
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=6f1ebc94-d3d1-488e-b28a-77cdc832b37d
Request Chain 139
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_784e2795-0b60-4c92-a5aa-180ee9001fa7&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=u_784e2795-0b60-4c92-a5aa-180ee9001fa7&s=2&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=mtRNexdJAiYiA4CMZ-BJ&us_privacy=1---
Request Chain 140
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=SQ7VaPKApf5j&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 141
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3618674865577090467
Request Chain 145
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=4a3f2191-7b12-0b70-1b96-f60832f020dd HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokNGEzZjIxOTEtN2IxMi0wYjcwLTFiOTYtZjYwODMyZjAyMGRkEAAaDQjklYWtBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=73355c859cf3128bf77fdd286fb9d6247139dc91872d4f8c13704665851e9d93791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=73355c859cf3128bf77fdd286fb9d6247139dc91872d4f8c13704665851e9d93791426b5417dce21&rand=07707264 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=73355c859cf3128bf77fdd286fb9d6247139dc91872d4f8c13704665851e9d93791426b5417dce21&rand=07707264&expected_cookie=a4cac367-52b7-4faf-8bd7-39cffc326344
Request Chain 146
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=3856803846468436779
Request Chain 147
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2857394797843077431&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 148
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZaFK5AAN9yxRcwBU HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZaFK5AAN9yxRcwBU&_test=ZaFK5AAN9yxRcwBU
Request Chain 150
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=472f228a-aaff-86ea-84e1-f46c63588ae5 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=472f228a-aaff-86ea-84e1-f46c63588ae5&dcc=t
Request Chain 151
  • https://match.adsrvr.org/track/cmf/openx?oxid=1ff95ef7-b655-3d10-44ef-76fb0b6b4105&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=70451e3f-8576-44e3-b479-ae4858a3ebcb&ttd_puid=1ff95ef7-b655-3d10-44ef-76fb0b6b4105&gdpr=0&gdpr_consent=
Request Chain 153
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJoWfCmUy0fS4vkwvf1J37s&google_cver=1
Request Chain 154
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=1153590972671537316&gdpr=&gdpr_consent=
Request Chain 157
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=00776a12-e42f-015e-327a-edbaef594f34&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZaFK5MQcy7kiseXRetkkMe6q
Request Chain 158
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=wK_Uyx_ThD6imzpM2HJ7vw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 159
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=cecae5ce-b346-4859-99db-46f18af7e69b
Request Chain 160
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=f2d37a63-f662-43ed-b1f2-c0d48c1ca65d-65a14ae4-5553&gdpr=0&gdpr_consent=
Request Chain 161
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=19872d0b-ed52-0097-0e0e-ee2d38e78009 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=19872d0b-ed52-0097-0e0e-ee2d38e78009
Request Chain 162
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=70451e3f-8576-44e3-b479-ae4858a3ebcb
Request Chain 163
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaFK5cCo5sMAALTC2e0AAAAA
Request Chain 164
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=vbKPo6BZzg43kT8Uf3YS5UeqoimMo025DM5gfrcAftI&pi=gumgum&tc=1
Request Chain 166
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 176
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=8CDE2E07-4406-4518-912F-270386807B48&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=8CDE2E07-4406-4518-912F-270386807B48&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 177
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=dde168c2-b155-11ee-9877-b7874cadc6e0
Request Chain 178
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEaUVFN0xRcFlBQUJXdy13cXZ2UQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADiEE7LQpYAABWw-wqvvQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3618674865577090467&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AADiEE7LQpYAABWw-wqvvQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3618674865577090467%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3618674865577090467&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADiEE7LQpYAABWw-wqvvQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AADiEE7LQpYAABWw-wqvvQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3618674865577090467%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3618674865577090467&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADiEE7LQpYAABWw-wqvvQ&gdpr=0
Request Chain 179
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3856803846468436779&gdpr=0&gdpr_consent=
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jN4uB0QGRRiRLycDhoB7SA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 182
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=8CDE2E07-4406-4518-912F-270386807B48 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=8CDE2E07-4406-4518-912F-270386807B48 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f5cc8976-a193-4c27-9918-e0b494ca0d22%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=70451e3f-8576-44e3-b479-ae4858a3ebcb&ttd_puid=f5cc8976-a193-4c27-9918-e0b494ca0d22%2C%2C
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OENERTJFMDctNDQwNi00NTE4LTkxMkYtMjcwMzg2ODA3QjQ4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGG23-gOGAYEoQJw6AZDiKQ&google_cver=1
Request Chain 187
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5697288BF3A14FB995EFB39A3BD7F04E
Request Chain 188
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=70451e3f-8576-44e3-b479-ae4858a3ebcb&gdpr=0&gdpr_consent=
Request Chain 190
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8CDE2E07-4406-4518-912F-270386807B48&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bj3.V0BE2uUy.GU_Aw80cjtZwN5T5uk-~A&gdpr=0
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
Request Chain 201
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaFK5Nv31rY90DfpRZT2bAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEInb13h8OkGXpalclHmGkQA&google_cver=1
Request Chain 203
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1NjgwMzg0NjQ2ODQzNjc3OQ%3D%3D
Request Chain 223
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pubnation&khaos=LRAQ87BD-D-GIJZ HTTP 302
  • https://exchange.pubnation.com/usersync/redirect?partner=rubicon&partnerId=LRAQ87BD-D-GIJZ
Request Chain 252
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LRAQ87BD-D-GIJZ HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LRAQ87BD-D-GIJZ
Request Chain 254
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=70451e3f-8576-44e3-b479-ae4858a3ebcb&gdpr=0&gdpr_consent=&expires=30
Request Chain 255
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJBUTg3QkQtRC1HSUpa HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELp49RaID0JtYN8kTBOTiG8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJBUTg3QkQtRC1HSUpa&google_push=
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOImiKa2zlQiadZlTckqkW4&google_cver=1
Request Chain 257
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRAQ87BD-D-GIJZ
Request Chain 258
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uxkPgPtFRFiHwpo2QElfVQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uxkPgPtFRFiHwpo2QElfVQ
Request Chain 259
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/zhc0INTDbBUrS0-dkCGEYg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-5wa_FCtE2oKDixlfHiGSsTKYeRgXywrFwJjibw--~A
Request Chain 260
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRAQ87BD-D-GIJZ&ex=d-rubiconproject.com&status=ok
Request Chain 261
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjE3MzdiZGQzY2YzODEzNmQ4OTk4NDI4MWE4MDM0MTA5NDg4MTQxNg
Request Chain 263
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADiEE7LQpYAABWw-wqvvQ&expires=30
Request Chain 264
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRAQ87BD-D-GIJZ HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRAQ87BD-D-GIJZ HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRAQ87BD-D-GIJZ&ckls=true&ci=tY1WczNcmm&nc=false&trid=332135043
Request Chain 265
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LRAQ87BD-D-GIJZ&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LRAQ87BD-D-GIJZ&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 266
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRAQ87BD-D-GIJZ&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRAQ87BD-D-GIJZ&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1EdFlEVFZ4RTJ1RkdLbkZxanFYb1BZX28yUk9rb3N3S35B&ovsid=LRAQ87BD-D-GIJZ&dpid=58160
Request Chain 267
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6f1ebc94-d3d1-488e-b28a-77cdc832b37d&expires=30
Request Chain 268
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRAQ87BD-D-GIJZ
Request Chain 269
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LRAQ87BD-D-GIJZ HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LRAQ87BD-D-GIJZ&dnr=1
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
Request Chain 271
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaFK5Nv31rY90DfpRZT2bAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEInb13h8OkGXpalclHmGkQA&google_cver=1
Request Chain 273
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1NjgwMzg0NjQ2ODQzNjc3OQ%3D%3D
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECApZuaNuuODH-yktyUUfD8&google_cver=1
Request Chain 275
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzM5NjhkM2QtN2YyMi02M2I0LTUxMGYtMmM0MmMxODk4ZjY1
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEK19xEm97SJ3sktfeGfOyGI&google_cver=1
Request Chain 277
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzIwYzg5MGUtZTZmYS00ODcyLTg1NTktNzQyMzAzOTlkZjZk
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEOJ1gUwunfqJaiBqt5TuVgs&google_cver=1
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDXyg-IObSys2J9q9Fsm_uk&google_cver=1
Request Chain 284
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIJ9_k0_bRCTPTaUXNDnCQ0&google_cver=1&google_push=AXcoOmT0bCSGh4YtJzw7n4zx5KhN28MGSojTFlrnK-xpDw2c-U5pTKbKEzZ320ET_scZ2Q1GXB6Zt9Bq2MDy4UWc5PfWI11j29oI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT0bCSGh4YtJzw7n4zx5KhN28MGSojTFlrnK-xpDw2c-U5pTKbKEzZ320ET_scZ2Q1GXB6Zt9Bq2MDy4UWc5PfWI11j29oI
Request Chain 285
  • https://a.c.appier.net/gcm?google_gid=CAESEOFgL3QhTpO3yia6Psd2swM&google_cver=1&google_push=AXcoOmSlF6XDOHZQlFE6KIRNxTjwwExfyLU07LjVxiWPq_gDmnE0M9J5alrZFDf3OFJiKKjI1VQP7Laxfz7w9Kp-EoR1xfy63Cg2iQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Y3lHVkFHc0hCdm1EWW4xbjVrcWhaUQ%3D%3D&google_push=AXcoOmSlF6XDOHZQlFE6KIRNxTjwwExfyLU07LjVxiWPq_gDmnE0M9J5alrZFDf3OFJiKKjI1VQP7Laxfz7w9Kp-EoR1xfy63Cg2iQ
Request Chain 286
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMGe-aGep6VUXrgeMuSFemg&google_cver=1&google_push=AXcoOmQAQZIhrn4AzbDOThYCEdN2ZHdHN_Jzrh985JZVWRnn1OKApcWoFmsBNool74SLFSeJvMKDaKr12hi_l11A54uQrbMUbxHTkw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQAQZIhrn4AzbDOThYCEdN2ZHdHN_Jzrh985JZVWRnn1OKApcWoFmsBNool74SLFSeJvMKDaKr12hi_l11A54uQrbMUbxHTkw&google_hm=wK_Uyx_ThD6imzpM2HJ7vw==
Request Chain 287
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEPZjObhQ_f4yMg4Cbq6xJiM&google_cver=1&google_push=AXcoOmSeGcnn_mUwgyuXVosOWaBXErOemhAA-24Z6TuQveMwPcJ9jH_yaq54szxjGnj_wOzvHlonpwMus5Jh4MHEsqw0mocXyFFDSA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTU3NzM5NjIwMTQ1NjIwMjIyMzI&google_push=AXcoOmSeGcnn_mUwgyuXVosOWaBXErOemhAA-24Z6TuQveMwPcJ9jH_yaq54szxjGnj_wOzvHlonpwMus5Jh4MHEsqw0mocXyFFDSA
Request Chain 288
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECxlTnVclhPGvjQUiAV58OM&google_cver=1&google_push=AXcoOmRIhgLbSaJP9kgG1u86xJ1_mvlvSW_fDF_sjqNMmTE33_GYQNRePR0wlxdLkxWLPsVEg-Aq4lCIJX8hBtTucLlQK0e0GQI46w HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECxlTnVclhPGvjQUiAV58OM&google_cver=1&google_push=AXcoOmRIhgLbSaJP9kgG1u86xJ1_mvlvSW_fDF_sjqNMmTE33_GYQNRePR0wlxdLkxWLPsVEg-Aq4lCIJX8hBtTucLlQK0e0GQI46w&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRIhgLbSaJP9kgG1u86xJ1_mvlvSW_fDF_sjqNMmTE33_GYQNRePR0wlxdLkxWLPsVEg-Aq4lCIJX8hBtTucLlQK0e0GQI46w&google_hm=H-rdhGZHkZV6eukwSxOZiFPV
Request Chain 289
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOd0xN4swtJZ5hcVTfVcdf4&google_cver=1&google_push=AXcoOmScughw7KDyAi5fJizicfHfMwG5MsfOxZONoFxfqGa7N56AnU0DcrJ4fpIVwyV2zR5Lehs4zZNz-8GTOoc27oHpJdGC7tAc HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=0e8f6c97a7&gdpr=0&gdpr_consent=
Request Chain 290
  • https://sync.inmobi.com/gob?google_gid=CAESED8NyMEHTzvXYtQw2TcALzI&google_cver=1&google_push=AXcoOmQEwbH_okgZyiEi0DwVEVoMkZHT3CEDxfHpeiRm9dG6pttsJ5tbv8OnAdVx8yEN55HvR-E1ZoJ0IdhWa0KVTfQmKVV3kJqQhn8 HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQEwbH_okgZyiEi0DwVEVoMkZHT3CEDxfHpeiRm9dG6pttsJ5tbv8OnAdVx8yEN55HvR-E1ZoJ0IdhWa0KVTfQmKVV3kJqQhn8 HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-c5c8qjEYcNAzsZ1WCtWLCYV1aqQyrcC9CgKP0aeq1A&google_push=AXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDYZ5xKRAaupjBP-dthba5SSvcWREbIIJF34Edj0dJ7m2G8Wsk5KdY2fQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=NVduaRzUeHN0hr0s1SBz&google_push=AXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDYZ5xKRAaupjBP-dthba5SSvcWREbIIJF34Edj0dJ7m2G8Wsk5KdY2fQ&google_nid=inmobi_new_eb
Request Chain 296
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESECCAKLXkGzO09BDacRT_s20&google_cver=1&google_push=AXcoOmSaRUk-3K41z9Q3-76IIInkW6M8TuNCOz1o-6mxeDoNiMGIcYsoMvZDVm0gNWVAW-rb_KXtTOfhtqNTnHXbXK05k6gaE6rJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSaRUk-3K41z9Q3-76IIInkW6M8TuNCOz1o-6mxeDoNiMGIcYsoMvZDVm0gNWVAW-rb_KXtTOfhtqNTnHXbXK05k6gaE6rJ&google_hm=UjMzNjQ3XzEwRjJEMzI1OV8yNjc2NjAyNw%3D%3D
Request Chain 297
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEKqbZF9VO7mvE7q6xS4YU4A&google_cver=1&google_push=AXcoOmR61M2_SLhHOpIYw3yzYNBNBKMCG5-m2bqdXyZ3oJNQeKKiz0nURc0qBo2ghcxl4g-RxW2YHAX54pnvNo9xIgtr8OV0nC1e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZjA4NjA0YTgtMzQ1Zi00NzMyLTlmOTctNjliMTEzYzNlMzU2&google_gid=CAESEKqbZF9VO7mvE7q6xS4YU4A&google_cver=1&google_push=AXcoOmR61M2_SLhHOpIYw3yzYNBNBKMCG5-m2bqdXyZ3oJNQeKKiz0nURc0qBo2ghcxl4g-RxW2YHAX54pnvNo9xIgtr8OV0nC1e
Request Chain 298
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIaBXVgrPG-OEJZJcb5UR20&google_cver=1&google_push=AXcoOmTbV8psO3vEkTxKsyBsUlevtLjLkRBrZyGByl44v0HLtq1Eofsq8XzMyh335-BPFgcHqQTN5k2ATJmqQ-YgL4b00BCTZDDVcw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIaBXVgrPG-OEJZJcb5UR20&google_hm=ZaFK5Nv31rY90DfpRZT2bAAAFcEAAAAB&google_nid=index&google_push=AXcoOmTbV8psO3vEkTxKsyBsUlevtLjLkRBrZyGByl44v0HLtq1Eofsq8XzMyh335-BPFgcHqQTN5k2ATJmqQ-YgL4b00BCTZDDVcw
Request Chain 299
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOd0xN4swtJZ5hcVTfVcdf4&google_cver=1&google_push=AXcoOmSNHm3Iw7tNSrepKlj8xR7N4-7LiMSxIFajRd953KWB8DT33zrWKKRdCaVTjZs_gafl1--Eurfb-RNd7mcvWOcNg5D6e5b_fw HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=d985cb2f3f&gdpr=0&gdpr_consent=
Request Chain 301
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEKpeNWIJ3gA2VDjTHLy5liw&google_cver=1&google_push=AXcoOmRVQbNFV7DKL6ZOnZBWWsCJorjqpRzxjP8s6xKi7S9H9oqF3T1_X3KG6rqRhnGTM5Zbb8QhomI1sM6Gl_DzsHpOD11LofoqUg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmRVQbNFV7DKL6ZOnZBWWsCJorjqpRzxjP8s6xKi7S9H9oqF3T1_X3KG6rqRhnGTM5Zbb8QhomI1sM6Gl_DzsHpOD11LofoqUg&google_hm=1db296cda2faa699c8f682b863807683
Request Chain 309
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPq7pYDdYXDMQSPfUEQsN_o&google_cver=1&google_push=AXcoOmRl4dm4KkMWPmOy5jmwSJTeG5KoCYPHpReV1Nm7Kdy6zrBxoLFf47hJuDDOG8bn3t0iT0ERSB7_zBf9wb-PIwZAutqmWaLr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRl4dm4KkMWPmOy5jmwSJTeG5KoCYPHpReV1Nm7Kdy6zrBxoLFf47hJuDDOG8bn3t0iT0ERSB7_zBf9wb-PIwZAutqmWaLr&google_hm=MzYxODY3NDg2NTU3NzA5MDQ2Nw%3D%3D
Request Chain 310
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEJtelJzkLm0OMVv6yIKOTiY&google_cver=1&google_push=AXcoOmSDB_MyyQkXRksqVwWOaCdMsBKKctp36GGC7vo3fOxMXLNWAi8L0EG1v-LkACGAdiD2B-8wj-U6yuvvr2lLTjiDWkzrrqRS7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSDB_MyyQkXRksqVwWOaCdMsBKKctp36GGC7vo3fOxMXLNWAi8L0EG1v-LkACGAdiD2B-8wj-U6yuvvr2lLTjiDWkzrrqRS7A&google_hm=ODk4OTQwNzI1NDM1NDAwMTQ0MA==
Request Chain 311
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQVxTYVZ9OTLzaUu3vn4P4C2enkS4798TmhqewYC6QtKA9xy_N-poyrXwnTwdWX2YoD8JyB-aXhUDqi4_Thi9hAlACn5eOdow&google_gid=CAESEONXnIL6vgpzq-6aynAjB6U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEONXnIL6vgpzq-6aynAjB6U&google_hm=T1BVOThkMWQ4N2E4YWFkNGRiMDkwMDk2Y2FhZDQ2ZDUwZGM&google_nid=opera_norway_as&google_push=AXcoOmQVxTYVZ9OTLzaUu3vn4P4C2enkS4798TmhqewYC6QtKA9xy_N-poyrXwnTwdWX2YoD8JyB-aXhUDqi4_Thi9hAlACn5eOdow
Request Chain 312
  • https://sync.inmobi.com/gob?google_gid=CAESED8NyMEHTzvXYtQw2TcALzI&google_cver=1&google_push=AXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDYZ5xKRAaupjBP-dthba5SSvcWREbIIJF34Edj0dJ7m2G8Wsk5KdY2fQ HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDYZ5xKRAaupjBP-dthba5SSvcWREbIIJF34Edj0dJ7m2G8Wsk5KdY2fQ HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-c5c8qjEYcNAzsZ1WCtWLCYV1aqQyrcC9CgKP0aeq1A&google_push=AXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDYZ5xKRAaupjBP-dthba5SSvcWREbIIJF34Edj0dJ7m2G8Wsk5KdY2fQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=NVduaRzUeHN0hr0s1SBz&google_push=AXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDYZ5xKRAaupjBP-dthba5SSvcWREbIIJF34Edj0dJ7m2G8Wsk5KdY2fQ&google_nid=inmobi_new_eb
Request Chain 313
  • https://an.yandex.ru/mapuid/google/CAESEJI-5MAz5dDwifuz9K0bU8s?ext-param=AXcoOmQqjZjTZhFU0aDY7fQSY4m0FvYPw-6qxB5bV7U2HZwYGQPa70ezLFWdovcdyHYig7q9eGpOqwSvgIc6T9yAemy-qegcuRYWKg&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEJI-5MAz5dDwifuz9K0bU8s?redir-setuniq=1&ext-param=AXcoOmQqjZjTZhFU0aDY7fQSY4m0FvYPw-6qxB5bV7U2HZwYGQPa70ezLFWdovcdyHYig7q9eGpOqwSvgIc6T9yAemy-qegcuRYWKg&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJI-5MAz5dDwifuz9K0bU8s&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 314
  • https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEG-9_EtvsJ0kgJ28nDv1M3k&google_cver=1&google_push=AXcoOmQ-Bi7gApNZiRvU_tLiYm7Vt21aVIzpIfxdvHjX4vh_W1Zzdt9M26FEbmiMguVfoWxM_TFHKvxKMq9X3up4ditmqY0ESUJ2GA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmQ-Bi7gApNZiRvU_tLiYm7Vt21aVIzpIfxdvHjX4vh_W1Zzdt9M26FEbmiMguVfoWxM_TFHKvxKMq9X3up4ditmqY0ESUJ2GA
Request Chain 317
  • https://fw.adsafeprotected.com/rfw/st/1880958/77369971/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015449892&ias_pubId=pub-6445234841753687&ias_chanId=1&ias_placementId=20881761062&bidurl=https://quotefancy.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gcON_Cvc9xyie0F_rXctbk&adContainerId=brand_safety_5EqhZf-vO_uRnboPuZa_wAw&cbFunctionName=goog_wrapCb_5EqhZf-vO_uRnboPuZa_wAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site&adsafe_type=y&adsafe_url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:cb021740-ff05-c4a5-d96f-ed11c710c81f,c:13nB8y,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-56b8495967-hvcf4,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,fm:u19SXzl+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1a6%7C1a7%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i*.1880958-77369971%7C1i1%7C1i2%7C1i3%7C1j1%7C1k%7C1l1%7C1l2%7C1l3%7C1m1%7C1m2%7C1m3%7C1n1%7C1n2%7C1n3,idMap:1i*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:68,oid:de6ee545-b155-11ee-8328-365bbfb2db70,v:19.8.471,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 335
  • https://feed.pghub.io/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&owner=P%26G&bp_id=pubnation&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22Hobbies%20%26%20Interests%22%2C%22subcategory%22%3A%22Arts%20%26%20Crafts%22%2C%22liveramp_idl%22%3Anull%7D HTTP 302
  • https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&owner=P%26G&bp_id=pubnation&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22Hobbies%20%26%20Interests%22%2C%22subcategory%22%3A%22Arts%20%26%20Crafts%22%2C%22liveramp_idl%22%3Anull%7D

354 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
arvan.arv1.arv1.vai2app.site/ 		88 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
4c5d4728483f4b2d31fbd3e11c2818b988c86d3e3195248ec8d93923bc148bbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, s-maxage=10
cf-cache-status
DYNAMIC
cf-ray
84460b805c93195c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 14:21:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzt81u%2F%2BlRK%2BvcqndYJNpxoOjsHlj1xWQoV0UeARVYBZaXrOnHZ5%2Fo12Gjtcar18f9qKq%2FWN%2FyHWpl3oDlQgFfygH3SiEOA4qthpJCgqEIAMkFP9jCij%2BDB1UyOa2P2f"}],"group":"cf-nel","max_age":604800}
server
ArvanCloud
server-timing
total;dur=270
vary
User-Agent,Accept-Encoding
x-cache
BYPASS
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-mod-pagespeed
1.13.35.2-0
x-request-id
5aee23d543342ddd461b98db86a25438
x-sid
6112
x-xss-protection
1; mode=block
88cdb005-111a-41bd-a74e-87fc4a56f1d3.js
scripts.pubnation.com/tags/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/88cdb005-111a-41bd-a74e-87fc4a56f1d3.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
3ff3533327d1118f3cbfc3d990854d028d64849760c1ac7d05d0332e152ffd94
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
39172
x-powered-by
Express
x-cache
HIT, HIT
content-length
17838
x-served-by
cache-iad-kcgs7200026-IAD, cache-mia-kmia1760076-MIA
x-timer
S1705069277.648971,VS0,VE0
etag
W/"fa4b-B2MUiU1oBTyd/6vINEkn+PKBEHs"
vary
country=US, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
accept-ranges
bytes
x-cache-hits
17, 3
18846.jpg
quotefancy.com/media/wallpaper/thumb/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/18846.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
875701e9efd7d7fc0405df7b9b918421bf61ad9e0be8d2a394e26e3e5e4f2dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3828184
alt-svc
h3=":443"; ma=86400
content-length
21453
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Mon, 14 Jun 2021 16:44:07 GMT
server
cloudflare
etag
"53cd-5c4bc90ecccae"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeWzk7tQbwEe6zb20pkXEBwKhuVTMDXtqw9xcQfTxb%2FhfsZPyx6767Dz%2Fqaf7%2BfOt1kpc95GqtEzNxbmLcn%2BgE0Er0SaS6%2FYAQtDUD5UlWl4dYDzSnU2XfpNGn4kFktepvq%2BGDOnrsWTa5p3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b82e85831d2-MIA
jquery-3.6.3.min.js.pagespeed.jm.LR0Y0tFySS.js
quotefancy.com/frontend/js/modules/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quotefancy.com/frontend/js/modules/jquery/jquery-3.6.3.min.js.pagespeed.jm.LR0Y0tFySS.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d00bc067a02295551266eab922aba57fbe28fa953b00c571e3d804163df1b45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-original-content-length
89947
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6013068
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 01 Nov 2023 10:46:43 GMT
server
cloudflare
etag
W/"0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jw5VQcEKIrye7QSCcibYMnsRB72zgRI5gUB0egHx6arv7xjmBZwqbWztoKeP%2FriwZhPfJu4AWZJpaBSvaBvSHmBibSvKfOxJ3IdkJXumxwzKf4GRGAwRyaSwh8j%2FqXzvymLCgRjdHsj%2FcqHo"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
84460b82e85731d2-MIA
expires
Thu, 31 Oct 2024 10:46:43 GMT
quotefancy-logo-x1-lossy.png
quotefancy.com/frontend/img/logo/combined/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/frontend/img/logo/combined/quotefancy-logo-x1-lossy.png
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03c4ffb34c327b7bd98ceedfd8762dde6671f1581d21d37c6038ab128a9b4241
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3636361
alt-svc
h3=":443"; ma=86400
content-length
1144
x-xss-protection
1; mode=block
last-modified
Tue, 02 Nov 2021 10:58:57 GMT
server
cloudflare
etag
"478-5cfcc2e19d629"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XftLM75zBFIihyjUIhTKPCcnrLwmy85%2FeCzBgJXEplpKkTliMQblJzfFzNxdqLjlm36wtAiuGDP6cBNeuh2TBTtlhtae2v%2BUdCfhQjAg0rvFC6MPlBEMeUqdTSRsfYecVOriVe5tnJhepfsM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b82e85931d2-MIA
modules,_jquery,_jquery-migrate-1.4.1.js+modules,_jquery,_jquery.lazyload.min.js+home.js+modules,_registration,_request.invitation.js.pagespeed.jc.MyrRUnsWdk.js
quotefancy.com/frontend/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quotefancy.com/frontend/js/modules,_jquery,_jquery-migrate-1.4.1.js+modules,_jquery,_jquery.lazyload.min.js+home.js+modules,_registration,_request.invitation.js.pagespeed.jc.MyrRUnsWdk.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f7c65b5a45011683644475dcc32160c80f52fe466100efff255b3cacd3a1987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-original-content-length
28313
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2168132
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 17 Dec 2023 14:14:07 GMT
server
cloudflare
etag
W/"0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xc6E6EoTUoRxhoBHAlSDX0iTPoXuUF5XGyBhY4wsRvbt4gJkMo9WKpdUrz2fFS6PV5lnqcGXF1%2B6ZaWBDTN%2Fm87XzJ%2B88qqfkAd5jLr5KhsmpRJN%2BqWDgvtLHQyoKdtZb6V5XxINhkgjc96S"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
84460b83798e31d2-MIA
expires
Mon, 16 Dec 2024 14:14:07 GMT
countryLookup
scripts.pubnation.com/flooring/ 		77 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/flooring/countryLookup
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/88cdb005-111a-41bd-a74e-87fc4a56f1d3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
6c200f99eac66fdf4ca9a9817fdcd86c48ca228f25e593462e11a980659a189d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760039-MIA
date
Fri, 12 Jan 2024 14:21:16 GMT
via
1.1 varnish
strict-transport-security
max-age=300
server
Varnish
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
77
retry-after
0
x-cache-hits
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/88cdb005-111a-41bd-a74e-87fc4a56f1d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45cefc58eaa0637981e03ce0df66ab89809f8327886b1444c239b1ef3d6e4ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29470
x-xss-protection
0
server
cafe
etag
873 / 19734 / 31080405 / config-hash: 9168911636527851926
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 14:21:16 GMT
settings.json
scripts.pubnation.com/launcher/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/launcher/settings.json?off=pubnation
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/88cdb005-111a-41bd-a74e-87fc4a56f1d3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
87371180f5fcd7949401f3dd0159417f0863a778eeb744095df331dc37bb502d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
55887
x-powered-by
Express
x-cache
HIT, HIT
content-length
1291
x-served-by
cache-iad-kcgs7200174-IAD, cache-mia-kmia1760039-MIA
x-timer
S1705069277.842021,VS0,VE0
etag
W/"1b95-k62AlRjbT/EaPD7NqmwTCgAAiRY"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
accept-ranges
bytes
x-cache-hits
6, 1696
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
625
age
4623697
cdn-cachedat
10/31/2023 18:49:18
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
2d4af37aa8ad9dfa03e84029bfd8f13a
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
84460b849ca121c7-MIA
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/ 		243 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SG27W8H91H
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8b63550d4bffc7e0f4a72b019a88e548567a0820b912b6bd5efa3f0de29a9eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85893
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 14:21:17 GMT
GetCollections
arvan.arv1.arv1.vai2app.site/ajax/Home/ 		70 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://arvan.arv1.arv1.vai2app.site/ajax/Home/GetCollections
Requested by
Host: quotefancy.com
URL: https://quotefancy.com/frontend/js/modules/jquery/jquery-3.6.3.min.js.pagespeed.jm.LR0Y0tFySS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
bceff1a9d286d3194baea0665f1bdb84e1cceb0b8bd2cecfdfbc963626b48190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

qf_rpc_3
aF01paOUQEYuzpHifkWsiNkwcrGWUYcZUON1p1NN0w
qf_rpc_2
iGGEcPl4Dc2XHEkgU80Y8Y1q8XGSRDIaI09A0ymvaj
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
qf_rpc_1
ic6mxXMUZXaaP668unGC3HnFQjMv1Y5hooNWCcJkeW
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://arvan.arv1.arv1.vai2app.site/
X-Requested-With
XMLHttpRequest

Response headers

date
Fri, 12 Jan 2024 14:21:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
ArvanCloud
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fetOURmBF%2BY8GkyaoapWL5XjTq8BMFT84xcKN84rFzIGPMtETM1TLU1rnDXlJPJtBISb%2BUQg5lantW2YAPx211CHPDP7hFc5XihwFyYGrQEVhsRgvFMsf41j9yYbofzE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-frame-options
SAMEORIGIN
server-timing
total;dur=227
cf-ray
84460b857afa9a12-FRA
x-xss-protection
1; mode=block
x-request-id
d8290cf3830f7960a1e98e7203a9a83f
x-sid
6112
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
island-lake.jpg
quotefancy.com/frontend/img/homecovers/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/frontend/img/homecovers/island-lake.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df132526a4b911ac18910ada4b3f3cd57ec5b42e1680ea30765bcb8fd45e237b
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
769713
alt-svc
h3=":443"; ma=86400
content-length
76375
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Mon, 09 Mar 2015 14:48:00 GMT
server
cloudflare
etag
"12a57-510dc1edf784d"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7Zgih2r3sGpI52llxZbxLrZ3QABWL7ytCLGqALks3KpB6yoqDgHGu1h6wrKwdj2%2BDUcW8WL02AAW2U8U7Uge1nrYh2IZTY%2Fs36l9Yd7ei832qg7mqu23FqgKqTIwnFlYIzfRAepZEAruREo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b84485b099e-MIA
720.jpg
quotefancy.com/media/wallpaper/thumb/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/720.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abd782f99ce8a0e8c96b45aa2e1566398cc237b948c637addc07d7d7be72cbdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5523009
alt-svc
h3=":443"; ma=86400
content-length
23957
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Fri, 12 May 2017 14:09:58 GMT
server
cloudflare
etag
"5d95-54f5442b3d78e"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANjIjmD7Ob4pymOrCy1ybI9SeRZs%2FDEw8AXsqxA0Tm4cFag5sNcQqI3lLmLBcDpnGswE6f4L99xBKxSa1C3VXkQ1bhxUjmwaQBHMcbaknAS1rT6TUgFj6rMFLrl%2FkKC7v6FpHM%2FIcOadqjX1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b848897099e-MIA
19979.jpg
quotefancy.com/media/wallpaper/thumb/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/19979.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9ca839edaf16bccf0b0b10a6cb631f5c3837c14bb19a8ce3db802a26dcf26b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3724351
alt-svc
h3=":443"; ma=86400
content-length
29906
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Fri, 12 May 2017 20:48:20 GMT
server
cloudflare
etag
"74d2-54f59d35de263"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFeLx5v%2BK6jgtwguw%2F1sQmipZxHuXebq0p%2F4b4qM%2BdjDxE17NtnWrX3tH8%2FxqzyZ4XplKeqYTvvDZTflntcFP2VZOOxgql%2B0bIfBdC0gup%2FCpnRglcml8NUFDxtaUDTQtd2oAUEHY2mbLa5a"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b848898099e-MIA
1788.jpg
quotefancy.com/media/wallpaper/thumb/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/1788.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b923440366626dfc600c9bf97a330b2f70435f451f8cb90133ccbbad952358f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5463724
alt-svc
h3=":443"; ma=86400
content-length
15313
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Fri, 12 May 2017 14:30:28 GMT
server
cloudflare
etag
"3bd1-54f548c01ce23"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7odg9oyO7k8qyroDHEwFN3RU9aAtDigpiSDSXmH8hHD2JExLuVq%2BEM6gpoYWlPMFPHqqKcss7oVWLxzdFg6THkEHHxXnnuKEusLyVYhV9PMGtzWCqIwbI44dq2dxX44aTfolWQSve240tVx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b848899099e-MIA
21531.jpg
quotefancy.com/media/wallpaper/thumb/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/21531.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ad45fa6d1bbcac41a6b5b4c7ac1b5a3a5582e0550c64cccb7d60d27dbc6e1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3628408
alt-svc
h3=":443"; ma=86400
content-length
14665
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Fri, 12 May 2017 21:19:36 GMT
server
cloudflare
etag
"3949-54f5a432e0ab1"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJ0%2FMBsw%2BdkANWkBVEZGcUPEywM7Q1PLBCL3iFSO4rr00kTpO5FTsHazpOLzyZAYqF1uj0shIXsvN5o3aaBdL2sS7S%2BWkMbNEZXR5whwmlnairWJJCFgxY1LrDJUxkC1huIPwz43QW8kt9CO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b84889b099e-MIA
6360680.jpg
quotefancy.com/media/wallpaper/thumb/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/6360680.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b29b863bdca3f988cd43eb05e7f881f256b9cd52fd819ffe743ee56dae1d1b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3335028
alt-svc
h3=":443"; ma=86400
content-length
28662
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 01 Nov 2017 21:29:39 GMT
server
cloudflare
etag
"6ff6-55cf291acac0b"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOsXGFTyJE2yXTi4gEThRq8arDlyME7kmGkDVX%2Fxoz7ca7g1tJLw%2FQ1HxS6Q3reRbCXUs%2BNxWWTRW1U2aQjFMTTSPI75MHn7lF40Ib4CzCzdtkg3KfP%2FkjgFB2xK91lRwjNQK%2FYW%2FOZBQhdm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b84889c099e-MIA
6361188.jpg
quotefancy.com/media/wallpaper/thumb/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/6361188.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b922db515436acccbef2e6f963fadc44016620a4e22dd0e66c2358cf72dedcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3893405
alt-svc
h3=":443"; ma=86400
content-length
26978
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Fri, 17 Nov 2017 03:23:52 GMT
server
cloudflare
etag
"6962-55e2544167c39"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZgaj5H0gPM9yr09soRrHmGH8vm8Tjqo5CVAfUK3y03To8%2FJbARhmUbMreJ6idEZeX78J%2BGQu7FpmmqQZGjaPLJkSA2J2uxG5gT3D5rQ9qTvdq9LCYt8rLjsB9oRquLL1Uh2aA5tJMrtW%2FFx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b84889d099e-MIA
6360838.jpg
quotefancy.com/media/wallpaper/thumb/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/6360838.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ac6d7113fc6c011230f1200f4640d550d5564720ff096055bf2c49cc54addb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3803637
alt-svc
h3=":443"; ma=86400
content-length
33791
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Fri, 03 Nov 2017 01:14:47 GMT
server
cloudflare
etag
"83ff-55d09d4b0be73"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLU0wosm6qN%2F5gFCdIiCgjSp44e9rlAMJVL9OAFk2wmtVTZWq15eTdVIuPJWHDEY5TGQafmOL0oUN0MBl%2BvJmSIvV60DxuevKSQsVp%2FCUqZ91tPkzSGjgV03JJUgyQZDbveuGbjkecsgS%2F9c"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b84889e099e-MIA
6361750.jpg
quotefancy.com/media/wallpaper/thumb/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/6361750.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47d56ff305d414c0e55714a315d2c88cd5aee13d0634c23e61344b23c2b337b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5365795
alt-svc
h3=":443"; ma=86400
content-length
20254
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Sat, 20 Jan 2018 03:27:39 GMT
server
cloudflare
etag
"4f1e-5632cc76f2a9d"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPNmnj4QjzhQHRaJxwpHbE4L5T8w%2BiHsRCFa8l1FP8%2BRcefKlyPyXak5VnvlrMxwAY5e%2BX4rszAIAqPYrpM8xVaRn33tMD6gTzlzataaeOHN3vbRrNyXQrPD7zlU%2Bzo1FkMLE27P4h9sxCjB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b8488a1099e-MIA
4674226.jpg
quotefancy.com/media/wallpaper/thumb/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/4674226.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d51e3cec7853e819eb646d126545ae8d3792a48e3849c4fcb5af41e6aca92500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3335027
alt-svc
h3=":443"; ma=86400
content-length
22036
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 21 Jun 2017 10:24:14 GMT
server
cloudflare
etag
"5614-55275c50ce0b0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpvIve0ihpMyM95SlmY0HLpsckJatLqwZolq6hwuXtyFd718CBzEbnBuM4oOME0x2QUQ2XB8OO0dJDypaagbxvV3X8yUNjKFeRbpKTnsbV4zuoreWjmE6FUuYqHJL1QmjgbPurBQRkRfLGID"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b8488a3099e-MIA
6347.jpg
quotefancy.com/media/wallpaper/thumb/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/6347.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3328cc9c73a6bccd3519e40902a9ba1aa0f0ac5e9a4fe38d328f08a4afd6f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
557403
alt-svc
h3=":443"; ma=86400
content-length
12996
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Fri, 12 May 2017 16:02:48 GMT
server
cloudflare
etag
"32c4-54f55d63b363e"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gnOMmIwSVAZWDd707DGAcVLIRph1mzrOxInzpC7Wt3hftNDt94bREsnlZ6kv7EWd6aD01hyaLcRH41r8uAVwnlqbtVpoZ9tc5qmJvuL3TCaK34vv7cUk5RsKzPBGbKgBZ6HaKMVpM6zRoK7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b8488a5099e-MIA
4674138.jpg
quotefancy.com/media/wallpaper/thumb/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/4674138.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb33577c51e27e7bde74ced8e82cc34aa741ed95e8bff52919527105e8b3a5a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3637651
alt-svc
h3=":443"; ma=86400
content-length
28845
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 14 Jun 2017 13:24:27 GMT
server
cloudflare
etag
"70ad-551eb78afa08d"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wO0XUZ8vRQyMN9tq4kN00l9nIZS0O1vbF2utHcRCYtAm3waiHCMlXnGkuJfH%2FtWIbTgWywWPiPmsgyuBpVYsh4nYQeEhtTvb9bDR41xbMNtM1DPPzhCmiMEjHSsXWFHkQPJGTbVOJatleVtE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b8488a7099e-MIA
15975.jpg
quotefancy.com/media/wallpaper/thumb/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/15975.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3ab5f1569d7c7492be2ec103f023fecd73113f00dfe0b456fbfc38bda1f0de7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
323527
alt-svc
h3=":443"; ma=86400
content-length
24136
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Fri, 12 May 2017 19:25:17 GMT
server
cloudflare
etag
"5e48-54f58aa5f01c1"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jj%2Fz3eoTDmm8kl%2FeZq%2BdlpgaWL3KfnuFodAE34VAwhtMdNq38guLgK5oSQ2BkegF%2FO0yCQMrUZHALSrhGRKWp2dS%2F5XvaKn1JVDCsa8eppZ1GNyY8aQMUgXkW9zhwDJFUf08PghuCxeIrN2s"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b8488a8099e-MIA
2001210.jpg
quotefancy.com/media/wallpaper/thumb/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/2001210.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
567aa7a7b70f17e0c68e874ff1100f2c14e99438a75ef7c09d33953c9d5d817d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
323527
alt-svc
h3=":443"; ma=86400
content-length
21260
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Sat, 27 May 2017 14:56:33 GMT
server
cloudflare
etag
"530c-55082a8f0c53b"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlGIVx0z3HlKNeoGJ6RRRJCF8YCMRGEgYG0BGGLiQp8A%2FC87XaRUtq%2FAieEDpr1mlqsvYDVYpPfM%2FCdEeLsDr1VuH%2BSx70SGJGteLz%2FfZl9ciKUFpQ3GC3BsAAVMW6noq0LTzsjrrKDo8qnV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b8488a9099e-MIA
6360706.jpg
quotefancy.com/media/wallpaper/thumb/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/6360706.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f481f0672c684da577cae9c6dfddcefe1498a674d1df36b7198388ffb1478f82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1111615
alt-svc
h3=":443"; ma=86400
content-length
27347
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 01 Nov 2017 23:21:42 GMT
server
cloudflare
etag
"6ad3-55cf4226e08af"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H32AcwOvVB8TXS2VmHeJtIHg1PVUxHpDDkXpkflAcH3kxWGlp96kT13XkZ2n4aqTdcE7AcW9E1XB6PO7qe4BZr0xLmcJJIWxs6WFWnGhk9x%2BbW3G88Cs%2FH7jXcC3uOrDIZ8S3AE0QSQ3Fv22"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b8488ab099e-MIA
1697.jpg
quotefancy.com/media/wallpaper/thumb/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/1697.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
919266c6589f6572e5c0985fe06bb09c9f4a8eb468c27602429aa07329f34f37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4546137
alt-svc
h3=":443"; ma=86400
content-length
16763
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Fri, 12 May 2017 14:28:31 GMT
server
cloudflare
etag
"417b-54f54850e5cd4"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rLNsypZI8IzfjQjzB92qQ%2BlQzukX%2B63O2kP0Cxr%2B9BqRhFhOyI92eHvHykI%2FmfrXkHBIhoGmoHegF1lbUqoEGTbZ2cz2b1XLdZu%2FLAjhfyxHh3eaaDrgwCWMDAPoPXophN6Wuqhn8l%2FqHyl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b8488ad099e-MIA
6361021.jpg
quotefancy.com/media/wallpaper/thumb/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/6361021.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db767c8040e35c989435efa49c01a18b92aa75c60b6c37c924288ecff2a19fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
555784
alt-svc
h3=":443"; ma=86400
content-length
25753
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 29 Aug 2018 23:42:34 GMT
server
cloudflare
etag
"6499-5749b8349cae6"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipHumYeAMmKqfCtb1LLWWB6EzlisG2eiZmZE0BJVc1Qy7uWjss1aMr%2BKS7cyuOQpcrFAB2WDOkg3NkpuwpFKS3nGGYGevJlGxKTkvHwpb57w5cMBRBJhdUWoSqLCja531lV90yqvfu8rl5jA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b8488ae099e-MIA
6361016.jpg
quotefancy.com/media/wallpaper/thumb/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/6361016.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
132e1f9fb660f92545f8749a9d944bb18fd87e4cf5b764b061c27f1a0a1c4905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
444833
alt-svc
h3=":443"; ma=86400
content-length
36047
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Wed, 08 Nov 2017 23:46:06 GMT
server
cloudflare
etag
"8ccf-55d814a93245f"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mfAeA%2FNUKVHoP3lGUwDd%2F%2Br5gdJF9zbpiAoO%2BvHnIyc%2B24UIF96UIzbthzkpUSsfFUS17%2FCYUQMSa%2BZY%2BImnhn6mHOWzxX3pA6HFcixPcA94Kojefe1jyRMUpLeZc3GCRvIjUKuGPaYImY8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b8488af099e-MIA
1487735.jpg
quotefancy.com/media/wallpaper/thumb/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/1487735.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28464c54c5db75e366299c259aea8a393bc179a9dd2c9055b1502d7c071483c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261047
alt-svc
h3=":443"; ma=86400
content-length
20435
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Fri, 19 May 2017 15:51:36 GMT
server
cloudflare
etag
"4fd3-54fe27f08525c"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2giPKcD40eusenK3I2VLft%2F6pU5HXy%2Bfz3LYloXgJQ0omY6D5f4ZPRZHzfLGFJrbtxUpIg9sF7AhlngVmg3xXp%2BHRfX5r4tQyqUDciZ74hB6P0G9B%2FZG%2F0eor4izu9dfVG2sv6bmFnFyOgco"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b8488b2099e-MIA
1700312.jpg
quotefancy.com/media/wallpaper/thumb/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quotefancy.com/media/wallpaper/thumb/1700312.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:1fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa97f9309fdbf4f72536b0ed0f65cf23e21f52f81a9c6d1c716091b2eebed821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3887349
alt-svc
h3=":443"; ma=86400
content-length
22697
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Tue, 23 May 2017 01:03:19 GMT
server
cloudflare
etag
"58a9-550268dab9a86"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04UuKf7KPUS7hnUR9hYWPfcrZEhExjSCvJIqsBYNrKH9mMnUKokNvl%2FRH5jGPDcMSQAejdC2Qi4MEnv9rqIcYM3L%2BIejA8GAaQJfFl4al59IsXlB%2BHlQAyIHZJQp%2FvO6wKnGa0haMF51ZqgX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b8488b3099e-MIA
wrapper.min.js
scripts.pubnation.com/tags/2.94.39/ 		171 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/88cdb005-111a-41bd-a74e-87fc4a56f1d3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
51f28f9784abf00df842d30c92f765a3f393356306553e320c3ebaa1f1d60491
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
S0952D8QGT05T4G8
age
79021
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/2.94.39/wrapper.min.js
content-length
56037
x-amz-id-2
8VLKn+N8WJPaM4Hw401PFSwW4CKlOis50HqEW2VKGuhKwxoemiU3GQYGrveEyHcOgWiuTX4Ttyg=
x-served-by
cache-iad-kjyo7100149-IAD, cache-mia-kmia1760076-MIA
last-modified
Thu, 11 Jan 2024 15:59:01 GMT
server
AmazonS3
x-timer
S1705069277.911630,VS0,VE0
etag
"1b355cff4f13a4caf6edb1b9cb244d3f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 893
usersync.min.js
exchange.pubnation.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/88cdb005-111a-41bd-a74e-87fc4a56f1d3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
eeea33ea41591acd8282ffa0c35f3ebf52f3399bb017e83105f72961dcac68e0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:17 GMT
content-encoding
gzip
last-modified
Fri, 12 Jan 2024 14:17:00 GMT
etag
W/"332b-18cfe08867c"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
web.keywords.js
keywords.pubnation.com/keyword/ 		425 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://keywords.pubnation.com/keyword/web.keywords.js?pageUrl=https://quotefancy.com/
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/88cdb005-111a-41bd-a74e-87fc4a56f1d3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
bf9e471ad5b9814c0e839a3b3a238c2455ad13886e8f85bf5468fd06182b6313

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200091-IAD, cache-mia-kmia1760076-MIA
date
Fri, 12 Jan 2024 14:21:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
686946
x-timer
S1705069277.915441,VS0,VE1
x-powered-by
Express
vary
Origin, Accept-Encoding
x-cache
HIT, HIT
content-type
text/html; charset=utf-8
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-length
233
x-cache-hits
200, 1
fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://arvan.arv1.arv1.vai2app.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
975
cdn-cachedat
10/31/2023 18:55:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
3d79a86341cf3c6a6035d02841a498d3
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
84460b861eea5c6d-MIA
cdn-requestpullsuccess
True
island-lake.jpg
arvan.arv1.arv1.vai2app.site/frontend/img/homecovers/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arvan.arv1.arv1.vai2app.site/frontend/img/homecovers/island-lake.jpg
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.143.233.120 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),
Reverse DNS
Software
ArvanCloud /
Resource Hash
df132526a4b911ac18910ada4b3f3cd57ec5b42e1680ea30765bcb8fd45e237b
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:17 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1484763
x-cache
BYPASS
server-timing
total;dur=180
content-length
76375
x-xss-protection
1; mode=block
x-request-id
1d809e486d192906f0f3c579181100a6
x-sid
6112
cf-bgj
h2pri
last-modified
Mon, 09 Mar 2015 14:48:00 GMT
server
ArvanCloud
etag
"12a57-510dc1edf784d"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ng1D5dnaeVt3pGnAOFY2Jr9a4EVzFfryY1JQuNV%2Frb7pWqvwbrpPILvHBUlnow82xpC9FdNcYryhgltQutT%2FX24c%2BLQX2wXBGATigl428MppuyZnzc7LDoBGa1pD3ZDN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536050
accept-ranges
bytes
cf-ray
84460b87bc21bbd9-FRA
7b1b5bc2bf50b7f1fd3d.min.js
scripts.pubnation.com/tags/6381/ 		59 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/6381/7b1b5bc2bf50b7f1fd3d.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
e7dc2d96e7b17036114e965bc4fd20227f0285f0e0a7530015fb57e6ee3a959c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
HVW4DB8N31EARPB5
age
867745
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/6381/7b1b5bc2bf50b7f1fd3d.min.js
content-length
12001
x-amz-id-2
Fa4z33j9YBnNTvyVBIZkuYgPgVTaylP0TYVGMMaDhalIeq6TjhABSyXfdhsDO5rTIUHaarnxSQ0=
x-served-by
cache-iad-kiad7000088-IAD, cache-mia-kmia1760076-MIA
last-modified
Tue, 17 Oct 2023 20:02:59 GMT
server
AmazonS3
x-timer
S1705069277.320336,VS0,VE0
etag
"3ac36b93e230c09abea8266587e3313b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
2, 10860
92f7561d06db4cef115b.min.js
scripts.pubnation.com/tags/gpp/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/gpp/92f7561d06db4cef115b.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
7ae4c978fe0997597c99e7c7c5f4062280aaa344768ff6022ac6115d3d40a49d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
FTWCMVAYNX6AY3DC
age
1893876
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/gpp/92f7561d06db4cef115b.min.js
content-length
3076
x-amz-id-2
ubFKF60dOeiGFVmqEKhVizgEtPm2lk4IswWCnWiFaA9LZEEMZd6Cx40Nem8tTuB4/Z7yOKjVdi8=
x-served-by
cache-iad-kjyo7100163-IAD, cache-mia-kmia1760076-MIA
last-modified
Thu, 21 Dec 2023 16:08:21 GMT
server
AmazonS3
x-timer
S1705069277.320494,VS0,VE0
etag
"36c1c5111ea60fd90455ad4adb3ac5be"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
3, 10678
collect
www.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-SG27W8H91H&gtm=45je41a0v880991526&_p=1705069276792&gcd=11l1l1l1l1&dma=0&cid=1879337364.1705069277&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705069277&sct=1&seg=0&dl=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&dt=Inspirational%20Quotes%20on%20Beautiful%20Wallpapers%20-%20QuoteFancy&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3225
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SG27W8H91H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		176 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-198136979-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SG27W8H91H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d356a2420119ba1e1094ea5528809b643a054dfa9481f6d5c18aa3028156148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65294
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jan 2024 14:21:17 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-198136979-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 12 Jan 2024 12:40:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6052
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 12 Jan 2024 14:40:25 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=290197914&t=pageview&_s=1&dl=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&ul=en-us&de=UTF-8&dt=Inspirational%20Quotes%20on%20Beautiful%20Wallpapers%20-%20QuoteFancy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1459507564&gjid=1369937196&cid=1879337364.1705069277&tid=UA-198136979-1&_gid=2064706944.1705069278&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1259447148
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
96251a8bad83d10b6957.min.js
scripts.pubnation.com/tags/9906/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/9906/96251a8bad83d10b6957.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
39b8040e99ed258fdd8d51bbf92cc9bb8ce8a68809fae8e91253971479dd8bff
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
BHJ622BQW7W5Q08S
age
1893881
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/9906/96251a8bad83d10b6957.min.js
content-length
8309
x-amz-id-2
BzJVYU6milTrsxa426Kxq83IWqAvsJJBFIZcY9gPNpdfYyYCM8xrkLyM3ZYAzjGOOBUfZ6sXw+A=
x-served-by
cache-iad-kjyo7100158-IAD, cache-mia-kmia1760076-MIA
last-modified
Thu, 21 Dec 2023 16:08:21 GMT
server
AmazonS3
x-timer
S1705069283.648773,VS0,VE0
etag
"247c9fe618d66df16b9e323466e15478"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
2, 10860
06b35457ba3bffa56655.min.js
scripts.pubnation.com/tags/8110/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/8110/06b35457ba3bffa56655.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
09d083580822f0f34e1c46e1789daf1246f75a848f630e84ac121d8ee2cf0ff9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
YB749V2RVXS2MP41
age
243149
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/8110/06b35457ba3bffa56655.min.js
content-length
6405
x-amz-id-2
6P7ScengWpEOVF90XgG/J3FwD6vtO75FODnFEwHMqm66792rO9TP4XsntYtDK28wUwla/4ZSCEY=
x-served-by
cache-iad-kiad7000091-IAD, cache-mia-kmia1760076-MIA
last-modified
Tue, 09 Jan 2024 18:33:06 GMT
server
AmazonS3
x-timer
S1705069283.648903,VS0,VE0
etag
"df1b720e94f55239cd68c406cf31b5bb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
8, 1192
3de53a8dca725b06affb.min.js
scripts.pubnation.com/tags/5629/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/5629/3de53a8dca725b06affb.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
a0b824fb00f0c50b765512317bc0e93daa203d1b9e2916dad6827fa5fbf45fe5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
BHJ61FW04VNSY4ZQ
age
1893881
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/5629/3de53a8dca725b06affb.min.js
content-length
8076
x-amz-id-2
UwOlgvUAVvB2/B/mwGaPaYPUgWSrnsrCYvPxYd3C7vwd39UpZkjv/5ATU4KADbVnp8MDc1uL5X4=
x-served-by
cache-iad-kcgs7200025-IAD, cache-mia-kmia1760076-MIA
last-modified
Thu, 21 Dec 2023 16:08:21 GMT
server
AmazonS3
x-timer
S1705069283.649102,VS0,VE0
etag
"e71c31793a178eabf22aa1cb9054aaed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
1, 10456
67203f625849583138fb.min.js
scripts.pubnation.com/tags/2726/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/2726/67203f625849583138fb.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
ed5413685378401839d0b05c232052d58018dc1a581d0db1411af0cc57e5e57e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
BHJDK810HX9Q3KRX
age
1893881
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/2726/67203f625849583138fb.min.js
content-length
6081
x-amz-id-2
kyopshkJdHTpbTsECsU0Suy0XLqzMScNz9nwC9QrxJ1RXPTza3Il+BOiTNW2b43N6bFPXWBVU9c=
x-served-by
cache-iad-kiad7000087-IAD, cache-mia-kmia1760076-MIA
last-modified
Thu, 21 Dec 2023 16:08:21 GMT
server
AmazonS3
x-timer
S1705069283.649354,VS0,VE0
etag
"40f8b04fe0c0c73c381ffd45988cbdcd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
1, 10703
48a125aa39d79d3d582b.min.js
scripts.pubnation.com/tags/3222/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/3222/48a125aa39d79d3d582b.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
1ff7b213205a222f0d65910ba605a494f9c170eea55465474e3cea515a352126
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
9VXJR4WK2TAJP00M
age
79026
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/3222/48a125aa39d79d3d582b.min.js
content-length
4017
x-amz-id-2
ijslyIybBc9vUYl9T0G7iwgAdNwJWLMAOmGfD4EZNR57ERbj8GbAdegbHJEQerSIt+DM3iT6b7g=
x-served-by
cache-iad-kjyo7100077-IAD, cache-mia-kmia1760076-MIA
last-modified
Thu, 11 Jan 2024 16:00:01 GMT
server
AmazonS3
x-timer
S1705069283.649990,VS0,VE0
etag
"7ee27a08440cf3a1ff4a6fa07da889c3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
13, 1189
71c9614885c8646ed13b.min.js
scripts.pubnation.com/tags/afterScroll/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/afterScroll/71c9614885c8646ed13b.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
7efacbeeeedabd529af6444202d3be0ce97d369e2bc4434acaa335dd92abe390
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
PNGGANY66RE5AGMT
age
587177
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/afterScroll/71c9614885c8646ed13b.min.js
content-length
27272
x-amz-id-2
ScwbJ5CNKES7qkHliyWdBzql2JsKfYqYI1YAD980WzrR0zeln+ug2yTEth6hqLWX/NK6SE9jwEg=
x-served-by
cache-iad-kcgs7200061-IAD, cache-mia-kmia1760076-MIA
last-modified
Fri, 05 Jan 2024 18:59:40 GMT
server
AmazonS3
x-timer
S1705069283.649951,VS0,VE0
etag
"ad7ba986344cb8c3c022c840437ef884"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
0, 1156
update
sda.fyi/ 		24 B
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sda.fyi/update?cats=422
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2963 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
59d28c947bc16ddcd238e84fc9ee0a23fa5565a08c05496df32a5fa41430323d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jn5V6owISlqZsvhkZTI8olcNnN2KHwFoWS9HSyDjRadyRY6%2BBHfvo%2FQAXclhIbCT7ZtiE8OAiG1DDPDLByAW4eBt502c1tBfLYS6T48DS3Uny%2FgabiWUWzYHbjYW5fAwA4AHNTa"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
content-type
application/json
access-control-allow-credentials
true
cf-ray
84460baa6b287469-MIA
access-control-allow-headers
*
content-length
24
alt-svc
h3=":443"; ma=86400
creativeBlocks
scripts.pubnation.com/ 		29 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/creativeBlocks
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
404936cffcfb25e5018f32939949071ac7c91990a701ca530343b26b48ced382
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
88232
x-powered-by
Express
x-cache
HIT, HIT
content-length
8481
x-served-by
cache-iad-kjyo7100113-IAD, cache-mia-kmia1760039-MIA
x-timer
S1705069283.880867,VS0,VE0
etag
W/"73c2-oQrTUHCl78WlcWKP6oX6gnSOuWA"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
accept-ranges
bytes
x-cache-hits
5, 2834
c16e0528c2c3c234ead6.min.js
scripts.pubnation.com/tags/8769/ 		299 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
a4af3ea6ff18bab36043bbb0c7de1d9e01150241334ceab412c9fe4b8961c2f7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
BHJCWF2D3PA2Z7AA
age
1893881
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/8769/c16e0528c2c3c234ead6.min.js
content-length
96317
x-amz-id-2
qK7RzaxRLiO5+JOM17pHCHqxNqvpbkXrSAuNiIHjEQ1AyzZEAH1DD1LSsM3OzHp++6BErm23/wc=
x-served-by
cache-iad-kiad7000166-IAD, cache-mia-kmia1760076-MIA
last-modified
Thu, 21 Dec 2023 16:08:15 GMT
server
AmazonS3
x-timer
S1705069283.881043,VS0,VE0
etag
"b57f727bd6d034d6feffc9fb272c41d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
1, 11141
535ecb08db948da2040c.min.js
scripts.pubnation.com/tags/prebid/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/prebid/535ecb08db948da2040c.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
abd3328d01e4d867f4f56d97288fe35e273103f3cef7d6785d3f550c738dbd49
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
K48ZP708K31KS1HK
age
2452795
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/prebid/535ecb08db948da2040c.min.js
content-length
4764
x-amz-id-2
9uRfnT0AFnx4lgN/0b47Ri4w5ybHLUKWqymezzpt8Masb1FbZDB52z9LyqUjkUqF9jNeYRk+pWY=
x-served-by
cache-iad-kcgs7200111-IAD, cache-mia-kmia1760076-MIA
last-modified
Tue, 21 Nov 2023 17:35:08 GMT
server
AmazonS3
x-timer
S1705069283.881109,VS0,VE0
etag
"3d56023aea9e5edefdd89225b0fe8c6a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
16, 10437
adjustments
scripts.pubnation.com/amazon/v1/ 		26 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/amazon/v1/adjustments?offering=pubnation
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
6856edfbdc4a824905517637532686119bbf7aa062eb146afd10ab29ce846c06
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
85
x-powered-by
Express
x-cache
HIT, HIT
content-length
7020
x-served-by
cache-iad-kjyo7100093-IAD, cache-mia-kmia1760039-MIA
x-timer
S1705069283.974117,VS0,VE0
etag
W/"6652-SHpHeLS+2viqiLVatWLl7tnyxSo"
vary
offering=pubnation, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, no cache
accept-ranges
bytes
x-cache-hits
26, 3
check
scripts.pubnation.com/sync/ Frame E49E 		359 B
796 B 		Document
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/sync/check
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
8c4fc04634a28970e4a08a3f3a9e5b605fe4bafbc4a91ba48ecd48a486a61825
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
43
cache-control
public, no-cache
content-encoding
gzip
content-length
215
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 14:21:22 GMT
etag
W/"167-TIMC/WIoHklHcqlcGDzARpR3PKA"
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
1286728, 2
x-powered-by
Express
x-served-by
cache-iad-kiad7000102-IAD, cache-mia-kmia1760076-MIA
x-timer
S1705069283.983182,VS0,VE0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fquotefancy.com%2F&domain=arvan.arv1.arv1.vai2app.site&cw=1&lsw=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://arvan.arv1.arv1.vai2app.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 12 Jan 2024 14:21:22 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
225233
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
api.rlcdn.com/api/identity/ 		0
288 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=2
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 14:21:23 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		109 B
575 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=sne7dew&fmt=json
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
8154473680346ab110fbf3589e01df7b535b70190f342c5234881ff888e7b37a

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 12 Jan 2024 14:21:23 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 11 Feb 2024 14:21:23 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fquotefancy.com%2F&domain=arvan.arv1.arv1.vai2app.site&cw=1&lsw=1&us_privacy=1---
  • https://mug.criteo.com/sid?cpp=1beyEXw1aVZ5Mzl6UWRoZENSSEtNZXorWWpYN0ZiREh2dUpISVFCUk9CNkpMZUdOSS9oYmkrMEQzejJtVTlvbnhHVFp3V1NkUnJhOTFjUS9DU0RBdkVLbzQrL2Urb0xjaCtST1BYOWtXMmtldVM0K2FPdWtJYzk5cjdaZW...
352 B
994 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=1beyEXw1aVZ5Mzl6UWRoZENSSEtNZXorWWpYN0ZiREh2dUpISVFCUk9CNkpMZUdOSS9oYmkrMEQzejJtVTlvbnhHVFp3V1NkUnJhOTFjUS9DU0RBdkVLbzQrL2Urb0xjaCtST1BYOWtXMmtldVM0K2FPdWtJYzk5cjdaZWoxN1ZINThGSDRvaEhzUXlwU3RTeC96QU5QT0FrZ2JLYklDcHZGRGdCRmxTdXF0amp1bXdBMXlMdWQxOUlSczRSM2Nqc1VuYUx0NGhmTW92WkplYlFuVk40ck9HUWpnWDdWYTU0cDFTSDErNmljTFNEcTdmOGE0cHp4dmVod09QWGlOaTRnSy9nb3JYWmF4WWNDMmRUV2xRZWpEZHFNZz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
76999675936cd1671b6f1a05eaffeb6a34d1d2fc346d4e7c1f4793ac0631591b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
978077
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
location
https://mug.criteo.com/sid?cpp=1beyEXw1aVZ5Mzl6UWRoZENSSEtNZXorWWpYN0ZiREh2dUpISVFCUk9CNkpMZUdOSS9oYmkrMEQzejJtVTlvbnhHVFp3V1NkUnJhOTFjUS9DU0RBdkVLbzQrL2Urb0xjaCtST1BYOWtXMmtldVM0K2FPdWtJYzk5cjdaZWoxN1ZINThGSDRvaEhzUXlwU3RTeC96QU5QT0FrZ2JLYklDcHZGRGdCRmxTdXF0amp1bXdBMXlMdWQxOUlSczRSM2Nqc1VuYUx0NGhmTW92WkplYlFuVk40ck9HUWpnWDdWYTU0cDFTSDErNmljTFNEcTdmOGE0cHp4dmVod09QWGlOaTRnSy9nb3JYWmF4WWNDMmRUV2xRZWpEZHFNZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
364041
content-length
0
expires
0
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0014000000xvEfwAAE&gdpr=0&src=pbjs&ver=8.20.0&coppa=0&us_privacy=1---
  • https://lexicon.33across.com/v1/envelope?pid=0014000000xvEfwAAE&gdpr=0&src=pbjs&ver=8.20.0&coppa=0&us_privacy=1---&b=1&g=ZEaHD9PcBjy75lUsnRW99x9O8WboFr7sDUCjcdQC%2BsQ%3D
42 B
138 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000000xvEfwAAE&gdpr=0&src=pbjs&ver=8.20.0&coppa=0&us_privacy=1---&b=1&g=ZEaHD9PcBjy75lUsnRW99x9O8WboFr7sDUCjcdQC%2BsQ%3D
Protocol
H2
Server
35.244.193.51 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:22 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 12 Jan 2024 14:21:22 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
location
https://lexicon.33across.com/v1/envelope?pid=0014000000xvEfwAAE&gdpr=0&src=pbjs&ver=8.20.0&coppa=0&us_privacy=1---&b=1&g=ZEaHD9PcBjy75lUsnRW99x9O8WboFr7sDUCjcdQC%2BsQ%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
dc47ee0bbce5ba61d4c4.min.js
scripts.pubnation.com/tags/3322/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/3322/dc47ee0bbce5ba61d4c4.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
43cdbb1985231afab309de0be719ef8fe3a81228be641de8b454d1127209f6a7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
PDMSZJWCKMYPXC37
age
3188542
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/3322/dc47ee0bbce5ba61d4c4.min.js
content-length
2726
x-amz-id-2
fIMv3K+guwaU+kMxxw7FTaVNLtB+poPpRAm1iq6GH54aMfi3kJpYdTGKsGhg4epnGaFvKmYMOjI=
x-served-by
cache-iad-kcgs7200072-IAD, cache-mia-kmia1760076-MIA
last-modified
Wed, 06 Dec 2023 16:37:14 GMT
server
AmazonS3
x-timer
S1705069283.024506,VS0,VE0
etag
"b1f88edbfc65df5d8098d9f5abe76437"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
12, 10329
08101a158c9067b992e9.min.js
scripts.pubnation.com/tags/3706/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/3706/08101a158c9067b992e9.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
aa863b1f24ed086ab7aa5de96df09eb6587c469c752a797c4ee0ff85d1f5fac0
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
BHJDR4ASEC7EA3GR
age
1893882
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/3706/08101a158c9067b992e9.min.js
content-length
2733
x-amz-id-2
agIkoQGDvrFFb5MXMztdOcqxhQvEKHH3bwkBIGm6YJg5jWzsqmK5s5R0PcchBzK0ilwP4dptbvw=
x-served-by
cache-iad-kcgs7200095-IAD, cache-mia-kmia1760076-MIA
last-modified
Thu, 21 Dec 2023 16:08:21 GMT
server
AmazonS3
x-timer
S1705069283.028988,VS0,VE0
etag
"bd6ff991da778448c0fab19a98fa0cd5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
1, 9798
truncated
/ 		386 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba24896725c75f555776ee09b1ba000865f1c59b82098d665b893685fc528e79

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40d90a3d2eeb74d807d69c4935de62d6be955d4e67c862a97562cd42f27bb78a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		699 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a00c2435d3641f05cf8654bd0f2bb96e4334c66720dd4a0cfd6ab306dc2547ac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/ 		438 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
6139
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140824
x-xss-protection
0
server
cafe
etag
1760809391848743662
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 11 Jan 2025 12:39:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		73 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=arvan.arv1.arv1.vai2app.site
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb85eac28aac3a5eadfae1987d8a85466173cd1ab80dc64491ff512982343d79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54
x-xss-protection
0
expires
Fri, 12 Jan 2024 14:21:23 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/afterScroll/71c9614885c8646ed13b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.249.178 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 13:57:02 GMT
content-encoding
gzip
via
1.1 68de14c306a725869b138a409e9694b4.cloudfront.net (CloudFront), 1.1 1bc5cb35fce618729d22b7ee2088cdce.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:12 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5, ORD51-C4
age
1462
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Lv394CsENgeF8fSQWJJYUS2NTYk5xu9BTTWdaZ5rgGFkPTeumr0iAw==
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1365fa619a7c788ab7a1d7ef67476b8de0df0c42ccde49989a0abbc842b21e62

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
d273b3f7a25cb28cb418.min.js
scripts.pubnation.com/tags/9300/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/9300/d273b3f7a25cb28cb418.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
64a4ed8872228e80f2ef6519ae6f19200ddd5da2670cdbcb30eeb8ac46e09a63
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
4W7ZWXB3Z514BQMA
age
3652006
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/9300/d273b3f7a25cb28cb418.min.js
content-length
940
x-amz-id-2
uN5LXnwp6LZeek/3zZ2m5VzzY8EMwT6yjzQd3gaP5oJguD3pc0XhO0hrsGfghoMEAAmMovQ/7sY=
x-served-by
cache-iad-kjyo7100036-IAD, cache-mia-kmia1760076-MIA
last-modified
Sat, 14 Oct 2023 19:21:45 GMT
server
AmazonS3
x-timer
S1705069283.080127,VS0,VE0
etag
"76ed95a13469c309bb1771b0e3cc1c4f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
2, 10083
9a4878ce647526870d8c.min.js
scripts.pubnation.com/tags/6409/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/6409/9a4878ce647526870d8c.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
6feedee0b3ff656231324e97f80eac7feb981ba46b89187f0daaa9e058e6f6b9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
4W7H78F1G1EWGRC9
age
5008855
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/6409/9a4878ce647526870d8c.min.js
content-length
3186
x-amz-id-2
WfMqUpSWXTQMQxykpHEkkzC6DRr5yyfB+FQAxepC3VptROGU2tdb143BTbPOEONHx7uRsT4BbsE=
x-served-by
cache-iad-kcgs7200058-IAD, cache-mia-kmia1760076-MIA
last-modified
Sat, 14 Oct 2023 19:21:46 GMT
server
AmazonS3
x-timer
S1705069283.080269,VS0,VE0
etag
"abb142824b55f4acb7bcc829e62dc8a2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
4, 10277
05e5b90016757eb6d006.min.js
scripts.pubnation.com/tags/675/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/675/05e5b90016757eb6d006.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
241d80503f2c90bbe544d429b1eb12199f5e5e120119341dcfafdb448f637c49
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
BHJ7SQ6C0JBVP37H
age
1893882
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/675/05e5b90016757eb6d006.min.js
content-length
4119
x-amz-id-2
cocS6vxrMjds7+aniKYhbCfF6gXB8fuuaBlA3uaG4+hCP+9L/FTR+ACVnCyDKdltmycH2o//PRg=
x-served-by
cache-iad-kiad7000046-IAD, cache-mia-kmia1760076-MIA
last-modified
Thu, 21 Dec 2023 16:08:21 GMT
server
AmazonS3
x-timer
S1705069283.083780,VS0,VE0
etag
"306eabcced998d3328b33a79577ebe6f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
2, 10477
14decf0a94814552b0fa.min.js
scripts.pubnation.com/tags/3367/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.pubnation.com/tags/3367/14decf0a94814552b0fa.min.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/2.94.39/wrapper.min.js?bust=-1498279587
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
ffb80624264fb2038baf8456a09804e1e009afe7d642235beaf65dfea1de6fae
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
WYM9RSJ7W0B3C04K
age
6914455
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/3367/14decf0a94814552b0fa.min.js
content-length
1325
x-amz-id-2
EIDfIMKOw8InGZ0519blXix/SBE0qii2oWNQxnU7RyRq8LzlYDTflqaipZrx5XeGaNrQaaRpUVA=
x-served-by
cache-iad-kjyo7100128-IAD, cache-mia-kmia1760076-MIA
last-modified
Wed, 18 Oct 2023 15:00:15 GMT
server
AmazonS3
x-timer
S1705069283.083765,VS0,VE0
etag
"7687384995f0a7a1035a10812b11b29b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
16, 10233
beacon.js
sb.scorecardresearch.com/internal-cs/27053452/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/27053452/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/27053452/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/27053452/beacon.js
Protocol
H2
Server
108.139.47.108 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 08:43:28 GMT
content-encoding
gzip
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2023 05:18:34 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
20276
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
-crU9Gayc8TjiaTo5As5Mv_JSwJ4wiuYf5PSJEHq7yV0BKcLqclrGg==

Redirect headers

date
Fri, 12 Jan 2024 14:21:23 GMT
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
location
/internal-cs/27053452/beacon.js
content-length
0
x-amz-cf-id
CFfcebOBXOvcOTejA3CwPTSX2nDlA6oY42Oa6deLRjSs6z-E7pj0sA==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/afterScroll/71c9614885c8646ed13b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:43:15 GMT
content-encoding
gzip
age
2403488
x-guploader-uploadid
ABPtcPo-Nnc_L1KAyEpPPVUv5vwCRMRk402c2xMZ8RDapzyXrt417SxU0ZSnklO1feNd-W0PQzNuKA5BfA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 14 Dec 2024 18:43:15 GMT
pandg-sdk.js
pghub.io/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/afterScroll/71c9614885c8646ed13b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 13:24:19 GMT
content-encoding
gzip
age
3424
x-guploader-uploadid
ABPtcPpqWXpwsdTt4UkggU_o9C66PxsH3IZUiRddzG1nOVVZglcl1FtS9FDcGRsHUxFjGSbTAdE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
server
UploadServer
etag
"47a886353056caf33a998c6041e20896"
vary
Accept-Encoding
x-goog-generation
1685983010517890
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
5009
accept-ranges
bytes
content-type
application/javascript
ope-dmplite.js
cdn.opecloud.com/ 		61 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.opecloud.com/ope-dmplite.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.249.17 -, , ASN (),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
58cc196d11d355db996638034106778ef7c5cb20a7122783ae9b85f1ccda8e90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 13:29:49 GMT
content-encoding
gzip
via
1.1 652a36cca524228b11a07aa4660a0022.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jan 2024 15:37:04 GMT
server
nginx/1.24.0
x-amz-cf-pop
ORD58-P5
age
3094
etag
W/"659c16a0-f46a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800, public
x-amz-cf-id
w9iOiGaTFdPTqT3CG3zzc71EIPX2JAXZRcJv8jynlpEbggqh7TAKYw==
expires
Fri, 19 Jan 2024 13:29:49 GMT
sync
exchange.mediavine.com/usersync/ Frame 4943 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.mediavine.com/usersync/sync?origin=https://arvan.arv1.arv1.vai2app.site&src=https://exchange.mediavine.com&s2sVersion=production&gdpr=0&us_privacy=1---&gppString=DBABzw~1---~BqgAAAAAAgA&p=%7B%7D
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.121.50 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
294bb0752943f8f53fa73cb8bd0932e48f0afcadc039807430b8425cbf6a0bd8

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 14:21:23 GMT
vary
Origin, Accept-Encoding
/
exchange.pubnation.com/bidRequest/ 		33 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.pubnation.com/bidRequest/?s2sVersion=production
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
357a8d96b7787fca8fd0b3591bdb3c5e65b33a61f3cd2f2cb5546002aa31dc5d

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
date
Fri, 12 Jan 2024 14:21:23 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=872633
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
79e3cd6cc7210d3f5227953e33e19bab05211c37e1f40fe49f2c644fbb9ee32b

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9Hzv%2FBlTl4xd9cjn5tJKTnu97%2F7nmi0QLoN28xhu3hm1IMa3dV2cmgvDjvsSQYOHiYW1%2B%2FAndAIujwFs2IXvuXQ88ExeT9o8fTwzo3fWQI2s2Y1Ha0mCBrH1Ar7%2BrJMfSgotBXL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84460bae28917421-MIA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
681 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=872633
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
79e3cd6cc7210d3f5227953e33e19bab05211c37e1f40fe49f2c644fbb9ee32b

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewcO8mTXITFV1PL%2BHTEn8m%2BmNgOAWTRNOPKOf83T50%2FkUJ9NdSxPwhaVlNfYDa2J8AlrZiYQKIQ%2B4gOGi5E6qNuCRKNBqMDK503z%2F9S4cv3vcVfunmmuGEWena0p%2BV%2ByO3cSi3mr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84460bae288a7421-MIA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
date
Fri, 12 Jan 2024 14:21:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
484 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f2a076c8661dcf8ec45add7b5bf57851e3a5621dbc800af489b753695b3c43a

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.6.0
Content-Type
application/json
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24214&site_id=499906&zone_id=2979458&size_id=2&alt_size_ids=1%2C55%2C117&us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&rp_schain=1.0,1!pubnation.com,7714093e54f705d7340cd766f66333f2,1,,,&tpid_tdid=70451e3f-8576-44e3-b479-ae4858a3ebcb&eid_adserver.org=70451e3f-8576-44e3-b479-ae4858a3ebcb&eid_pubcid.org=1088537e-9fdf-43b6-bcef-640f901e1153%5E1&rf=https%3A%2F%2Fquotefancy.com%2F&kw=quotefancy%2Cbeautiful%20wallpapers%2Cinspirational%20quotes%2Cfree%20download%2Cmotivational%20quote%2Cwallpaper%2Chigh-resolution%20image%2Cspace%2Cprintable%20poster&tg_i.domain=quotefancy.com&tg_i.page=https%3A%2F%2Fquotefancy.com%2F&tg_i.name=Quote%20Fancy&tg_i.cat=IAB5%2CIAB9%2CIAB9-2&tg_i.sectioncat=IAB5%2CIAB9%2CIAB9-2&tg_i.pagecat=IAB5%2CIAB9%2CIAB9-2&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.iab=239&tg_i.category=education%2Chobbies-and-interests%2Chobbies-and-interests-arts-and-crafts&tg_i.pbadslot=%2F22794612459%2C3029686%2Fquotefancy%2Fadhesion&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=177699a00a5aac1&p_screen_res=1600x1200&rp_floor=0.19&rp_secure=1&rp_maxbids=1&slots=1&rand=0.76386040835175
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b06875c6f25ceff58bc6dcf0154717551e6e607cd1ae23fd67d3b15e0bcad5f3

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:23 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
630 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.20.0&referrer=https%3A%2F%2Fquotefancy.com%2F&tmax=2801&us_privacy=1---
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.87.155.248 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:23 GMT
accept-ch
sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version
x-auction-status
29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=1beyEXw1aVZ5Mzl6UWRoZENSSEtNZXorWWpYN0ZiREh2dUpISVFCUk9CNkpMZUdOSS9oYmkrMEQzejJtVTlvbnhHVFp3V1NkUnJhOTFjUS9DU0RBdkVLbzQrL2Urb0xjaCtST1BYOWtXMmtldVM0K2FPdWtJYzk5cjdaZWoxN1ZINThGSDRvaEhzUXlwU3RTeC96QU5QT0FrZ2JLYklDcHZGRGdCRmxTdXF0amp1bXdBMXlMdWQxOUlSczRSM2Nqc1VuYUx0NGhmTW92WkplYlFuVk40ck9HUWpnWDdWYTU0cDFTSDErNmljTFNEcTdmOGE0cHp4dmVod09QWGlOaTRnSy9nb3JYWmF4WWNDMmRUV2xRZWpEZHFNZz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 12 Jan 2024 14:21:23 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
177503
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pixel.gif
pdmp.tagger.opecloud.com/pdmp/b4/v2/ 		35 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdmp.tagger.opecloud.com/pdmp/b4/v2/pixel.gif?url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&ref=&tref=&tz=10&screen=1600x1200x24&dcRegion=us-east-1&cmpstatus=notrequired&e=%5B%5D&fpid=484497a8-a668-4aac-901f-409c8df15ae2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.123.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:23 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
51
expires
0
sync
exchange.pubnation.com/usersync/ Frame C709 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.pubnation.com/usersync/sync?origin=https://arvan.arv1.arv1.vai2app.site&src=//exchange.pubnation.com&s2sVersion=production&mv_uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&version=invalidate-verizon-pushes&gdpr=0&us_privacy=1---&gppString=DBABzw~1---~BqgAAAAAAgA&p=%7B%22appnexus%22%3Atrue%2C%22gumgum%22%3Atrue%2C%22huddled_masses%22%3Atrue%2C%22indexExchange%22%3Atrue%2C%22mediadotnet%22%3Atrue%2C%22mediagrid%22%3Atrue%2C%22nativo%22%3Atrue%2C%22openx%22%3Atrue%2C%22pubmatic%22%3Atrue%2C%22pulsepoint%22%3Atrue%2C%22rubicon%22%3Atrue%2C%22triplelift%22%3Atrue%2C%22verizon%22%3Atrue%2C%22yieldmo%22%3Atrue%7D
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
3446ac4fc8a3d78b8615176c34a3d5756f6b6ce11cafe4ee5557502675cc67d9

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 14:21:23 GMT
vary
Origin, Accept-Encoding
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=27053452&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705069283651&ns_c=UTF-8&c7=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&c8=Inspirational%20Quotes%20on%20B...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=27053452&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705069283651&ns_c=UTF-8&c7=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&c8=Inspirational%20Quotes%20on%20...
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=27053452&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705069283651&ns_c=UTF-8&c7=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&c8=Inspirational%20Quotes%20on%20Beautiful%20Wallpapers%20-%20QuoteFancy&c9=
Protocol
H2
Server
108.139.47.108 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:23 GMT
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P1
x-amz-cf-id
Y0xaGvd6BtfC5rH3h6eb90lIJsoHP5UOa-ApAKsQjbHbsb3tiEoEEw==
x-cache
Miss from cloudfront

Redirect headers

date
Fri, 12 Jan 2024 14:21:23 GMT
via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=27053452&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705069283651&ns_c=UTF-8&c7=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&c8=Inspirational%20Quotes%20on%20Beautiful%20Wallpapers%20-%20QuoteFancy&c9=
content-length
0
x-amz-cf-id
ZC31OWCtO5FEnAEMKGOtpBS2j8VU9tP_TWrM9_f1sYmA_AgJd9TXFw==
b8e296dd-fc9f-4561-b5be-0262680b7abd
config.aps.amazon-adsystem.com/configs/ 		564 B
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/b8e296dd-fc9f-4561-b5be-0262680b7abd
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.20 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
5bd35e57f11c9d87c7f5d0ee7c43439ba12a4598e7f7fbfcca056e93d532660a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 13:45:13 GMT
via
1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
age
2170
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
kPvp5Mb4MCKlzuL8y7pIhg5DkCBYPqISaEekFV4NtUNAMxyfYjWrKg==
config
c.amazon-adsystem.com/cdn/prod/ 		497 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Farvan.arv1.arv1.vai2app.site&pubid=b8e296dd-fc9f-4561-b5be-0262680b7abd
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.249.178 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
727d16acc2cffca6fbc1c1e172bea9b8f24eac8693f331b1a3f2fde7cc89c03b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:23 GMT
via
1.1 1bc5cb35fce618729d22b7ee2088cdce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ORD51-C4
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
497
x-amz-cf-id
oIWhRPa9mW2BpCC2L5Z6TE1kJ_bxQSgFUNqbx9ETNN8WYiKWjshVVg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&pid=xlmxOgMNo0hfg&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A100%2C%22id%22%3A%22sticky_outstream_desktop%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22300x169%22%5D%7D%2C%7B%22sd%22%3A%22adhesion_desktop%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A16%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22Quote%20Fancy%22%2C%22domain%22%3A%22quotefancy.com%22%2C%22cat%22%3A%5B%22IAB5%22%2C%22IAB9%22%2C%22IAB9-2%22%5D%2C%22sectioncat%22%3A%5B%22IAB5%22%2C%22IAB9%22%2C%22IAB9-2%22%5D%2C%22pagecat%22%3A%5B%22IAB5%22%2C%22IAB9%22%2C%22IAB9-2%22%5D%2C%22page%22%3A%22https%3A%2F%2Fquotefancy.com%2F%22%2C%22ref%22%3A%22%22%2C%22keywords%22%3A%22quotefancy%2Cbeautiful%20wallpapers%2Cinspirational%20quotes%2Cfree%20download%2Cmotivational%20quote%2Cwallpaper%2Chigh-resolution%20image%2Cspace%2Cprintable%20poster%22%2C%22privacypolicy%22%3A1%2C%22mobile%22%3A1%2C%22content%22%3A%7B%22language%22%3A%22en%22%2C%22cat%22%3A%5B%22IAB5%22%2C%22IAB9%22%2C%22IAB9-2%22%5D%2C%22data%22%3A%5B%7B%22name%22%3A%22gumgum.com%22%2C%22ext%22%3A%7B%22segtax%22%3A2%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22239%22%7D%5D%7D%5D%7D%2C%22ext%22%3A%7B%7D%7D%2C%22user%22%3A%7B%22geo%22%3A%7B%22region%22%3A%22NY%22%2C%22country%22%3A%22US%22%7D%2C%22ext%22%3A%7B%22eids%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!pubnation.com%2C7714093e54f705d7340cd766f66333f2%2C1%2C%2C%2C&gpp=DBABzw~1---~BqgAAAAAAgA&pubid=b8e296dd-fc9f-4561-b5be-0262680b7abd&gdpre=0&gdprl=%7B%22status%22%3A%22explicit-no-gdpr%22%2C%22enabled%22%3Afalse%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.97.238 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 d4aa84013921cdd269ab20fbd29fbe1e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ORD56-P1
x-amz-rid
W6JMCJ0YVV5RZZ11BNPG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
PoQpggf4mI0JeZp7LJC3fGq9yDEfOa2V_EOnbNSu1WPUmD70KRPvRA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.249.178 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 c61ed55833f98dc012e73350de5485f0.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD51-C4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
kfoHNVwdSCYR6qsHUUeyw_EmI0bv0zMWI7ndgHMuDaAvyf2e19aNBg==
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.107.143 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
e073b62a5bf693168414d9215125147580b57596cf098ed4720acb46382208a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-rjk4G+a2S7BX3Hz3qkYr2OHwkzg"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 12 Jan 2024 14:21:24 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
location
/esp?url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1043877398072632&correlator=2989793211669170&eid=44809527%2C31080255%2C95320409%2C31080405%2C31080116&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=22794612459%3A3029686%2Cquotefancy%2Cadhesion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C320x100&ifi=1&sfv=1-0-40&fsbs=1&eri=5&sc=1&cookie_enabled=1&cdm=arvan.arv1.arv1.vai2app.site&abxe=1&dt=1705069283807&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fquotefancy.com%2F&loc=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&vis=1&psz=728x-1&msz=0x-1&fws=640&ohw=0&ga_vid=1879337364.1705069277&ga_sid=1705069284&ga_hid=290197914&ga_fc=true&dlt=1705069276446&idt=6905&prev_scp=hb_bidder%3Drubicon%26hb_adid%3D238aa80240820ec%26hb_pb%3D0.72%26hb_sdef_set%3D0.963692%26hb_bid%3D0.72%26hb_bsbid%3D0.7156836%26hb_safeframe%3D1%26hb_liv%3D4%26hb_ub%3D0.72%26hb_size%3D970x90%26hb_pb_pubmatic_s2s%3D0.16%26hb_pb_gumgum_s2s%3D0.69%26hb_pb_rubicon%3D0.71%26sales_cat%3D239%26sales_safety%3DGGT0%26sales_kw%3Dquotefancy%252Cbeautiful%2520wallpapers%252Cinspirational%2520quotes%252Cfree%2520download%252Cmotivational%2520quote%252Cwallpaper%252Chigh-resolution%2520image%252Cspace%252Cprintable%2520poster%26partnerLift%3DcriteoE3M3%2CebOff%26slot_id%3Dadhesion_desktop%26hb_count%3D3%26hb_pool%3D0%26hb_pmp%3D0%26UR%3D72%26URP%3D138%26OE%3D0%26google%3D1%26native%3D1%26slot_number%3D1%26slot%3Dadhesion_desktop%26arrival%3D0%26refresh%3D0%26bidFloor%3D0.16%26ccpa%3D1---%26timeout%3Dadhesion_atf_d_2801%26gid%3D0%26inview%3D0%26grow_state%3D1%263pc%3D1%26illr%3D0%26gpp%3D0-0-0%26sizeLift%3Dadhesion_desktop_468x60_t&cust_params=site%3Dquote-fancy%26path%3D%252F%26secure%3D1%26sessiondepth%3D1%26optout%3D%26categories%3Deducation%252Chobbies-and-interests%252Chobbies-and-interests-arts-and-crafts%26generator%3Dweb%26bucket%3D55%26referrer_url%3DDIRECT%26utm_source%3D%26utm_campaign%3D%26dow%3D5%26day%3D12%26month%3D1%26hour%3D14%26wrapper_group%3D2.94.39%26wswy%3D0%26sessionId%3D1879337364%26groupm%3D1%26browser%3DChrome%26os%3DWindows%26s2sVersion%3Dproduction&adks=3205814283&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0e161ef29e72de0ae119f8f2d6fe074c904c5d9d6a11d90c5ca572c2df98db3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10038
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
f0f5152bbe44ff19f51dea98aa045e22649d99fa38dc00e62ad336a1b0936af8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12234
x-xss-protection
0
container.html
3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 266A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
Sat, 11 Jan 2025 14:21:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.4.232.54 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
x-serial
1
x-check-cacheable
YES
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
x-akamai-pragma-client-ip
10.44.130.72, 4.7.166.99
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 12 Jan 2024 14:36:24 GMT
targeting
pdmp.profiles.tagger.opecloud.com/v1/ 		130 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pdmp.profiles.tagger.opecloud.com/v1/targeting?url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&fpid=484497a8-a668-4aac-901f-409c8df15ae2&tenant=b4
Requested by
Host: cdn.opecloud.com
URL: https://cdn.opecloud.com/ope-dmplite.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.42.58 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7bd0f5797f0ca557016430f65ee5b887dd0adcf369c0e812a4970f85f75f246

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
date
Fri, 12 Jan 2024 14:21:24 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache
content-type
application/json
/
exchange.pubnation.com/bidRequest/ 		4 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.pubnation.com/bidRequest/?s2sVersion=production
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
353e93f031f0ca3e90ace413679b480d7c2c770fe46091b22ffaa5eca06ea628

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
date
Fri, 12 Jan 2024 14:21:24 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&pid=xlmxOgMNo0hfg&cb=1&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22content_btf%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A16%7D%2C%7B%22sd%22%3A%22content_3_btf%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A16%7D%2C%7B%22sd%22%3A%22content_2_btf%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A16%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22Quote%20Fancy%22%2C%22domain%22%3A%22quotefancy.com%22%2C%22cat%22%3A%5B%22IAB5%22%2C%22IAB9%22%2C%22IAB9-2%22%5D%2C%22sectioncat%22%3A%5B%22IAB5%22%2C%22IAB9%22%2C%22IAB9-2%22%5D%2C%22pagecat%22%3A%5B%22IAB5%22%2C%22IAB9%22%2C%22IAB9-2%22%5D%2C%22page%22%3A%22https%3A%2F%2Fquotefancy.com%2F%22%2C%22ref%22%3A%22%22%2C%22keywords%22%3A%22quotefancy%2Cbeautiful%20wallpapers%2Cinspirational%20quotes%2Cfree%20download%2Cmotivational%20quote%2Cwallpaper%2Chigh-resolution%20image%2Cspace%2Cprintable%20poster%22%2C%22privacypolicy%22%3A1%2C%22mobile%22%3A1%2C%22content%22%3A%7B%22language%22%3A%22en%22%2C%22cat%22%3A%5B%22IAB5%22%2C%22IAB9%22%2C%22IAB9-2%22%5D%2C%22data%22%3A%5B%7B%22name%22%3A%22gumgum.com%22%2C%22ext%22%3A%7B%22segtax%22%3A2%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22239%22%7D%5D%7D%5D%7D%2C%22ext%22%3A%7B%7D%7D%2C%22user%22%3A%7B%22geo%22%3A%7B%22region%22%3A%22NY%22%2C%22country%22%3A%22US%22%7D%2C%22ext%22%3A%7B%22eids%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!pubnation.com%2C7714093e54f705d7340cd766f66333f2%2C1%2C%2C%2C&gpp=DBABzw~1---~BqgAAAAAAgA&pubid=b8e296dd-fc9f-4561-b5be-0262680b7abd&gdpre=0&gdprl=%7B%22status%22%3A%22explicit-no-gdpr%22%2C%22enabled%22%3Afalse%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.97.238 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 d4aa84013921cdd269ab20fbd29fbe1e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ORD56-P1
x-amz-rid
XPF66EVYEZ0SRRJ1KC2G
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
h5wRQKHUYCROkmRnFOBZv1yMvgeCbNjXJKF7O9o2TvFkfztLomODXQ==
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=849007
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
eff63b5eee728ea6cc6b8f8553b7afbb3f09a1c60b1ce22b1ac41386068373c1

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxnpMqwZXwui9f%2BzHXCEiXCxoGeFYE4MdCpnBy8EnS3cuxmUiERI9BbLjdcx1nGEyTi4OfgPHIGRiyvLuX3xh86MVXPhtCWmpExDMSY6iACo2iwavBYwQDeCyG8elIMS2ls0ddh5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84460bb0ac797421-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=849007
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
eff63b5eee728ea6cc6b8f8553b7afbb3f09a1c60b1ce22b1ac41386068373c1

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vj8QJqr4Mwdmi17OSG%2BYZsZ5vmhkxIqJTzb%2BOvQGpGQ6k4sxILEq5uvGNnMURIALmwzY4l4capjPPXh3%2Fy5QJ4AWE79WjjP384hOSRgjqxxHp5FX8rxefBTGXd%2F61dqtfzJIPfcB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84460bb0ac7b7421-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
69 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
date
Fri, 12 Jan 2024 14:21:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
484 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
dad622ecba07a2ca8bc1ecfedc9c5ef62675d26e8faa0b41d1d71e50677e1d5c

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.6.0
Content-Type
application/json
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		622 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24214&site_id=499906&zone_id=2979456&size_id=15&alt_size_ids=2%2C1%2C14%2C16&us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&rp_schain=1.0,1!pubnation.com,7714093e54f705d7340cd766f66333f2,1,,,&tpid_tdid=70451e3f-8576-44e3-b479-ae4858a3ebcb&eid_adserver.org=70451e3f-8576-44e3-b479-ae4858a3ebcb&eid_pubcid.org=1088537e-9fdf-43b6-bcef-640f901e1153%5E1&eid_criteo.com=x1gmul9tNlNQZTFSdkxKREo1NTFZaHZwQzEzcUd3dkZ2SkFmRlZZbjJ6SFA4NzNLRGFEOFlTMEdtY0tUYWsxY3labkJtT0ZJMUd5dUVRY2h6eGY4Q3E2RW9PZyUzRCUzRA%5E1&rf=https%3A%2F%2Fquotefancy.com%2F&kw=quotefancy%2Cbeautiful%20wallpapers%2Cinspirational%20quotes%2Cfree%20download%2Cmotivational%20quote%2Cwallpaper%2Chigh-resolution%20image%2Cspace%2Cprintable%20poster&tg_i.domain=quotefancy.com&tg_i.page=https%3A%2F%2Fquotefancy.com%2F&tg_i.name=Quote%20Fancy&tg_i.cat=IAB5%2CIAB9%2CIAB9-2&tg_i.sectioncat=IAB5%2CIAB9%2CIAB9-2&tg_i.pagecat=IAB5%2CIAB9%2CIAB9-2&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.iab=239&tg_i.category=education%2Chobbies-and-interests%2Chobbies-and-interests-arts-and-crafts&tg_i.pbadslot=%2F22794612459%2C3029686%2Fquotefancy%2Fcontent&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=55822ac6a2571cc&p_screen_res=1600x1200&rp_floor=0.19&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9597923420396444
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
381fa71f2506f4fca308444f6dc236fea1dedf9d39cd7de82bb5f7332a0e1ee1

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
622
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		622 B
678 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24214&site_id=499906&zone_id=2979456&size_id=15&alt_size_ids=2%2C1%2C14%2C16&us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&rp_schain=1.0,1!pubnation.com,7714093e54f705d7340cd766f66333f2,1,,,&tpid_tdid=70451e3f-8576-44e3-b479-ae4858a3ebcb&eid_adserver.org=70451e3f-8576-44e3-b479-ae4858a3ebcb&eid_pubcid.org=1088537e-9fdf-43b6-bcef-640f901e1153%5E1&eid_criteo.com=x1gmul9tNlNQZTFSdkxKREo1NTFZaHZwQzEzcUd3dkZ2SkFmRlZZbjJ6SFA4NzNLRGFEOFlTMEdtY0tUYWsxY3labkJtT0ZJMUd5dUVRY2h6eGY4Q3E2RW9PZyUzRCUzRA%5E1&rf=https%3A%2F%2Fquotefancy.com%2F&kw=quotefancy%2Cbeautiful%20wallpapers%2Cinspirational%20quotes%2Cfree%20download%2Cmotivational%20quote%2Cwallpaper%2Chigh-resolution%20image%2Cspace%2Cprintable%20poster&tg_i.domain=quotefancy.com&tg_i.page=https%3A%2F%2Fquotefancy.com%2F&tg_i.name=Quote%20Fancy&tg_i.cat=IAB5%2CIAB9%2CIAB9-2&tg_i.sectioncat=IAB5%2CIAB9%2CIAB9-2&tg_i.pagecat=IAB5%2CIAB9%2CIAB9-2&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.iab=239&tg_i.category=education%2Chobbies-and-interests%2Chobbies-and-interests-arts-and-crafts&tg_i.pbadslot=%2F22794612459%2C3029686%2Fquotefancy%2Fcontent&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=56acebd175d0439&p_screen_res=1600x1200&rp_floor=0.19&rp_secure=1&rp_maxbids=1&slots=1&rand=0.28020702304238765
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cd0e2eaa3ec95e9399129e0f9d3282c18650afbbd9d248a4ecc1e2c3ba0084ca

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
622
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		622 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24214&site_id=499906&zone_id=2979456&size_id=15&alt_size_ids=2%2C1%2C14%2C16&us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&rp_schain=1.0,1!pubnation.com,7714093e54f705d7340cd766f66333f2,1,,,&tpid_tdid=70451e3f-8576-44e3-b479-ae4858a3ebcb&eid_adserver.org=70451e3f-8576-44e3-b479-ae4858a3ebcb&eid_pubcid.org=1088537e-9fdf-43b6-bcef-640f901e1153%5E1&eid_criteo.com=x1gmul9tNlNQZTFSdkxKREo1NTFZaHZwQzEzcUd3dkZ2SkFmRlZZbjJ6SFA4NzNLRGFEOFlTMEdtY0tUYWsxY3labkJtT0ZJMUd5dUVRY2h6eGY4Q3E2RW9PZyUzRCUzRA%5E1&rf=https%3A%2F%2Fquotefancy.com%2F&kw=quotefancy%2Cbeautiful%20wallpapers%2Cinspirational%20quotes%2Cfree%20download%2Cmotivational%20quote%2Cwallpaper%2Chigh-resolution%20image%2Cspace%2Cprintable%20poster&tg_i.domain=quotefancy.com&tg_i.page=https%3A%2F%2Fquotefancy.com%2F&tg_i.name=Quote%20Fancy&tg_i.cat=IAB5%2CIAB9%2CIAB9-2&tg_i.sectioncat=IAB5%2CIAB9%2CIAB9-2&tg_i.pagecat=IAB5%2CIAB9%2CIAB9-2&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.iab=239&tg_i.category=education%2Chobbies-and-interests%2Chobbies-and-interests-arts-and-crafts&tg_i.pbadslot=%2F22794612459%2C3029686%2Fquotefancy%2Fcontent&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=589351543464e7d&p_screen_res=1600x1200&rp_floor=0.19&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8625664035174159
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c967863004cd438b5c4a79eda36e78e4bc53870a196b00426c5eea50fc15c374

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
622
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
892 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.20.0&referrer=https%3A%2F%2Fquotefancy.com%2F&tmax=2801&us_privacy=1---
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.87.155.248 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:23 GMT
accept-ch
sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform
x-auction-status
12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9B63 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48145
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
Sat, 13 Jan 2024 03:43:49 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
redirect
exchange.pubnation.com/usersync/ Frame 7EFD
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562728&ev=dd2574a0-b155-11ee-8571-813a2ca4bdfa&rurl=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpulsepoint%26uuid%3Ddd2574a0-b155-1...
  • https://exchange.pubnation.com/usersync/redirect?partner=pulsepoint&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=SQ7VaPKApf5j&ev=dd2574a0-b155-11ee-8571-813a2ca4bdfa&pi...
0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.pubnation.com/usersync/redirect?partner=pulsepoint&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=SQ7VaPKApf5j&ev=dd2574a0-b155-11ee-8571-813a2ca4bdfa&pid=562728
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 14:21:24 GMT
vary
Origin, Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-5b8764964b-d9rwg
expires
-1
location
https://exchange.pubnation.com/usersync/redirect?partner=pulsepoint&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=SQ7VaPKApf5j&ev=dd2574a0-b155-11ee-8571-813a2ca4bdfa&pid=562728
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 56B2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32100
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 12 Jan 2024 14:21:24 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 05 Jan 2024 05:26:09 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
273, 57128
X-Served-By
cache-lga13626-LGA, cache-mia-kmia1760092-MIA
X-Timer
S1705069284.205777,VS0,VE0
cm
u.openx.net/w/1.0/ Frame 86F5
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee...
  • https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
b1c54fbcc70bd544f4d89d3ea3f738cbbb939e1cd1bd2335172235723ca676ed

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
832
content-type
text/html
date
Fri, 12 Jan 2024 14:21:24 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 12 Jan 2024 14:21:24 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 4AA8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pubnation&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pubnation&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pubnation&endpoint=us-east
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Jan 2024 14:21:24 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Jan 2024 14:21:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=pubnation&endpoint=us-east
server
AkamaiGHost
15635
rtb.gumgum.com/usync/ Frame A166 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.141.229 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ad66eff437ac9c1c4d663af26bd954b98c274868e22c101a14297ba83be735a2

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 12 Jan 2024 14:21:24 GMT
etag
W/"0edb1312f744678ba372e398ff2e8e8f0"
server
nginx
timing-allow-origin
*
redirect
exchange.pubnation.com/usersync/ Frame 20F5
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dyieldmo%26uuid%3Ddd2574a0-b155-11ee-8571-813a2c...
  • https://exchange.pubnation.com/usersync/redirect?partner=yieldmo&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=VEzYkGcQQYcwA8NMH3W0&gdpr=&gdpr_consent=&us_privacy=1---
0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.pubnation.com/usersync/redirect?partner=yieldmo&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=VEzYkGcQQYcwA8NMH3W0&gdpr=&gdpr_consent=&us_privacy=1---
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 14:21:24 GMT
vary
Origin, Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json;charset=utf-8
date
Fri, 12 Jan 2024 14:21:24 GMT
location
https://exchange.pubnation.com/usersync/redirect?partner=yieldmo&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=VEzYkGcQQYcwA8NMH3W0&gdpr=&gdpr_consent=&us_privacy=1---
pragma
no-cache
redirect
exchange.pubnation.com/usersync/ Frame FA65
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dtriplelift%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2...
  • https://exchange.pubnation.com/usersync/redirect?partner=triplelift&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=4117923867202039094483
0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.pubnation.com/usersync/redirect?partner=triplelift&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=4117923867202039094483
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 14:21:24 GMT
vary
Origin, Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 12 Jan 2024 14:21:24 GMT
location
https://exchange.pubnation.com/usersync/redirect?partner=triplelift&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=4117923867202039094483
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
redirect
exchange.pubnation.com/usersync/ Frame A045
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199830&cb=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3DindexExchange%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sV...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3DindexExchange%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3D...
  • https://exchange.pubnation.com/usersync/redirect?partner=indexExchange&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=ZaFK5Nv31rY90DfpRZT2bAAA%265569
0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.pubnation.com/usersync/redirect?partner=indexExchange&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=ZaFK5Nv31rY90DfpRZT2bAAA%265569
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 14:21:24 GMT
vary
Origin, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84460bb26db69aba-MIA
content-length
0
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
0
location
https://exchange.pubnation.com/usersync/redirect?partner=indexExchange&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=ZaFK5Nv31rY90DfpRZT2bAAA%265569
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFfb2biPFtFV3%2F7Rfjmk6ChUjQhmRzfR335lFBeu0FEJdKjMxZMnhwMnvNRi28Ln0sIc%2F3qjXcGajkFWV8%2BrDsCcrFlCuGkN4RrpRNwuJ9%2FSZ67T0o7fAfVOkZ6ejO5MHGbWRsR4VPxOWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
redirect
exchange.pubnation.com/usersync/ Frame D00C
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=19&type=mdv&ovsid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&us_privacy=1---&redirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dmed...
  • https://exchange.pubnation.com/usersync/redirect?partner=mediadotnet&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=3480708841523799000V10
0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.pubnation.com/usersync/redirect?partner=mediadotnet&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=3480708841523799000V10
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 14:21:24 GMT
vary
Origin, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
Fri, 12 Jan 2024 14:21:24 GMT
location
https://exchange.pubnation.com/usersync/redirect?partner=mediadotnet&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=3480708841523799000V10
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
redirect
exchange.pubnation.com/usersync/ Frame 7CD5
Redirect Chain
  • https://sync.colossusssp.com/ortb.gif?redir=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dhuddled_masses%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduc...
  • https://exchange.pubnation.com/usersync/redirect?partner=huddled_masses&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=07ae1cef-b5e8-41f0-879e-a378f259d97b
0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.pubnation.com/usersync/redirect?partner=huddled_masses&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=07ae1cef-b5e8-41f0-879e-a378f259d97b
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 14:21:24 GMT
vary
Origin, Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Fri, 12 Jan 2024 14:21:24 GMT
Expires
0
Location
https://exchange.pubnation.com/usersync/redirect?partner=huddled_masses&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=07ae1cef-b5e8-41f0-879e-a378f259d97b
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
redirect
exchange.pubnation.com/usersync/ Frame 5C94
Redirect Chain
  • https://jadserve.postrelease.com/suid/101960?ntv_r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dnativo%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduct...
  • https://exchange.pubnation.com/usersync/redirect?partner=nativo&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=e7ade0f5-7c8b-4e53-bc97-b93631c89096
0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.pubnation.com/usersync/redirect?partner=nativo&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=e7ade0f5-7c8b-4e53-bc97-b93631c89096
Requested by
Host: exchange.pubnation.com
URL: https://exchange.pubnation.com/usersync.min.js?s2sVersion=production
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 14:21:24 GMT
vary
Origin, Accept-Encoding

Redirect headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-length
0
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
Mon, 1 Jan 1990 12:00:00 GMT
location
https://exchange.pubnation.com/usersync/redirect?partner=nativo&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=e7ade0f5-7c8b-4e53-bc97-b93631c89096
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
nginx
redirect
exchange.pubnation.com/usersync/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://exchange.pubnation.com/usersync/redirect?partner=appnexus&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dappnexus%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%2...
  • https://exchange.pubnation.com/usersync/redirect?partner=appnexus&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=3856803846468436779
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.pubnation.com/usersync/redirect?partner=appnexus&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=3856803846468436779
Protocol
H2
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
an-x-request-uuid
52c60699-2abb-4954-9600-d8b1fd302d63
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://exchange.pubnation.com/usersync/redirect?partner=appnexus&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=3856803846468436779
x-proxy-origin
38.132.118.69; 38.132.118.69; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
redirect
exchange.pubnation.com/usersync/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dmediagrid%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partner...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dmediagrid%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26p...
  • https://exchange.pubnation.com/usersync/redirect?partner=mediagrid&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=ecefce38-80ea-413e-bb6f-a7aa7208bba0
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.pubnation.com/usersync/redirect?partner=mediagrid&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=ecefce38-80ea-413e-bb6f-a7aa7208bba0
Protocol
H2
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Location
https://exchange.pubnation.com/usersync/redirect?partner=mediagrid&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=ecefce38-80ea-413e-bb6f-a7aa7208bba0
Date
Fri, 12 Jan 2024 14:21:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookiesyncredir
bttrack.com/pixel/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&gdpr_consent=&us_privacy=1---&user_id=dd2574a0-b155-11ee-8571-813a2ca4bdfa
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0&gdpr_consent=&us_privacy=1---&user_id=dd2574a0-b155-11ee-8571-813a2ca4bdfa
  • https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=themediagrid
35 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=themediagrid
Protocol
H2
Server
192.132.33.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-servername
Track003-iad
pragma
no-cache
date
Fri, 12 Jan 2024 14:21:08 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1

Redirect headers

Location
//bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=themediagrid
Date
Fri, 12 Jan 2024 14:21:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
redirect
exchange.pubnation.com/usersync/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58814/sync?redir=true&gpp_sid=-1&gpp=DBABzw~1---~BqgAAAAAAgA
  • https://ups.analytics.yahoo.com/ups/58814/sync?redir=true&gpp_sid=-1&gpp=DBABzw~1---~BqgAAAAAAgA&verify=true
  • https://exchange.pubnation.com/usersync/redirect?partner=verizon&partnerId=y-0hV_ocRE2uKS.VX90zRpRiYSbL1WheS4~A&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=-1
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.pubnation.com/usersync/redirect?partner=verizon&partnerId=y-0hV_ocRE2uKS.VX90zRpRiYSbL1WheS4~A&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=-1
Protocol
H2
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

location
https://exchange.pubnation.com/usersync/redirect?partner=verizon&partnerId=y-0hV_ocRE2uKS.VX90zRpRiYSbL1WheS4~A&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=-1
date
Fri, 12 Jan 2024 14:21:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server_match
ice.360yield.com/ 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ice.360yield.com/server_match?&partner_id=1625&r=https://exchange.pubnation.com/usersync/redirect?partner=improvedigital&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId={PUB_USER_ID}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.208.244.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 Jan 2024 14:21:24 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
generic
match.adsrvr.org/track/cmf/ 		70 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=qmkecas&ttd_puid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&ttd_tpi=1&rurl=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dthe_trade_desk%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D%25%25TDID%25%25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
server
Kestrel
content-length
70
content-type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 14:21:24 GMT
async_usersync
ib.adnxs.com/ Frame 56B2 		0
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
an-x-request-uuid
4a56c1d1-7368-4280-bcae-5031aaae59eb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.69; 38.132.118.69; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9B63 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97433804&p=162150&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7ed831a8c6054fb3af22526178cc860b9b5bc53afe2172d8b03e0cccabac3a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 14:21:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pd
google-bidout-d.openx.net/w/1.0/ Frame 4F6A 		749 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
7536ce4b903fb328a063cf32a41e07cfc78fcf5c50008641abf706c5f8351ab7

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
465
content-type
text/html
date
Fri, 12 Jan 2024 14:21:24 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
container.html
3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5912 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
Sat, 11 Jan 2025 14:21:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame A166
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=3856803846468436779
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=3856803846468436779
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
52.207.45.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
an-x-request-uuid
8b9beda6-2c1d-43c5-984b-42bde4686992
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=3856803846468436779
x-proxy-origin
38.132.118.69; 38.132.118.69; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A166
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_784e2795-0b60-4c92-a5aa-180ee9001fa7&gdpr=&gdpr_consent=&us_privacy=1---
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=ecefce38-80ea-413e-bb6f-a7aa7208bba0
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=ecefce38-80ea-413e-bb6f-a7aa7208bba0&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f5cc8976-a193-4c27-9918-e0b494ca0d22%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=70451e3f-8576-44e3-b479-ae4858a3ebcb&ttd_puid=f5cc8976-a193-4c27-9918-e0b494ca0d22%2Chttps%253A%252F%252Fx.bidswitch.net%...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=gumgum2&bsw_param=ecefce38-80ea-413e-bb6f-a7aa7208bba0
  • https://usersync.gumgum.com/usersync?b=bsw&i=ecefce38-80ea-413e-bb6f-a7aa7208bba0&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=ecefce38-80ea-413e-bb6f-a7aa7208bba0&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
52.207.45.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=ecefce38-80ea-413e-bb6f-a7aa7208bba0&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 12 Jan 2024 14:21:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame A166
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=e8c4fa87-9e40-0546-2394-6616c33b4043
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=e8c4fa87-9e40-0546-2394-6616c33b4043
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
52.207.45.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 12 Jan 2024 14:21:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=e8c4fa87-9e40-0546-2394-6616c33b4043
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame A166
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
52.207.45.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69
Date
Fri, 12 Jan 2024 14:21:24 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame A166
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-.KWGbQ9E2pcMzF.fYHXrPPqYePd.DmTlodJp~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-.KWGbQ9E2pcMzF.fYHXrPPqYePd.DmTlodJp~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
52.207.45.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 12 Jan 2024 14:21:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-.KWGbQ9E2pcMzF.fYHXrPPqYePd.DmTlodJp~A
content-length
0
usersync
usersync.gumgum.com/ Frame A166
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusers...
  • https://usersync.gumgum.com/usersync?b=vnt&i=6f1ebc94-d3d1-488e-b28a-77cdc832b37d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=6f1ebc94-d3d1-488e-b28a-77cdc832b37d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
52.207.45.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=6f1ebc94-d3d1-488e-b28a-77cdc832b37d
Date
Fri, 12 Jan 2024 14:21:24 GMT
Connection
keep-alive
X-CI-RTID
f159b8ab-b8b0-4d9c-9ea2-c670e7fdf44e
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame A166 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 12 Jan 2024 14:21:23 GMT
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame A166
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_784e2795-0b60-4c92-a5aa-180ee9001fa7&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=u_784e2795-0b60-4c92-a5aa-180ee9001fa7&s=2&us_privacy=1---
  • https://usersync.gumgum.com/usersync?b=zem&i=mtRNexdJAiYiA4CMZ-BJ&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=mtRNexdJAiYiA4CMZ-BJ&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
52.207.45.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:24 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=mtRNexdJAiYiA4CMZ-BJ&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame A166
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=SQ7VaPKApf5j&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=SQ7VaPKApf5j&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
H2
Server
3.231.141.229 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=SQ7VaPKApf5j&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-d9rwg
expires
-1
usersync
usersync.gumgum.com/ Frame A166
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3618674865577090467
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3618674865577090467
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Server
52.207.45.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3618674865577090467
date
Fri, 12 Jan 2024 14:21:24 GMT
content-length
0
redirect
exchange.pubnation.com/usersync/ Frame A166 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.pubnation.com/usersync/redirect?partner=gumgum&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=u_784e2795-0b60-4c92-a5aa-180ee9001fa7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
redirect
exchange.pubnation.com/usersync/ Frame 86F5 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=d1b0ce92-0086-0a7c-24f0-90d8b93f2cb8
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
sync
ups.analytics.yahoo.com/ups/58294/ Frame 86F5 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=313ddd7e-6e3f-0759-17c8-b7f19cc8b56c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
db_sync
px.ads.linkedin.com/ Frame 86F5
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=4a3f2191-7b12-0b70-1b96-f60832f020dd
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokNGEzZjIxOTEtN2IxMi0wYjcwLTFiOTYtZjYwODMyZjAyMGRkEAAaDQjklYWtBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=73355c859cf3128bf77fdd286fb9d6247139dc91872d4f8c13704665851e9d93791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=73355c859cf3128bf77fdd286fb9d6247139dc91872d4f8c13704665851e9d93791426b5417dce21&rand=07707264
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=73355c859cf3128bf77fdd286fb9d6247139dc91872d4f8c13704665851e9d93791426b5417dce21&rand=07707264&expected_cookie=a4cac367-52b7-4faf-8bd7-39cffc326344
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=73355c859cf3128bf77fdd286fb9d6247139dc91872d4f8c13704665851e9d93791426b5417dce21&rand=07707264&expected_cookie=a4cac367-52b7-4faf-8bd7-39cffc326344
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 15A316F4FB1444768D3BF3AA94F441A3 Ref B: MIAEDGE1813 Ref C: 2024-01-12T14:21:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOwGEUFpxZX91sHy9zjQ==

Redirect headers

date
Fri, 12 Jan 2024 14:21:24 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: DADEC25E8B49472AA24E818A7D3A8063 Ref B: MIAEDGE1813 Ref C: 2024-01-12T14:21:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/db_sync?pid=10339&puuid=73355c859cf3128bf77fdd286fb9d6247139dc91872d4f8c13704665851e9d93791426b5417dce21&rand=07707264&expected_cookie=a4cac367-52b7-4faf-8bd7-39cffc326344
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOwGESEYKC2/ZlSIuv9w==
sd
us-u.openx.net/w/1.0/ Frame 86F5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=3856803846468436779
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=3856803846468436779
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
Protocol
H3
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
an-x-request-uuid
e4b9145f-8763-4f4e-8d63-a51f47d2c8a1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=3856803846468436779
x-proxy-origin
38.132.118.69; 38.132.118.69; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 86F5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2857394797843077431&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2857394797843077431&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
Protocol
H3
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2857394797843077431&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 86F5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZaFK5AAN9yxRcwBU
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZaFK5AAN9yxRcwBU&_test=ZaFK5AAN9yxRcwBU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZaFK5AAN9yxRcwBU&_test=ZaFK5AAN9yxRcwBU
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
Protocol
H3
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760091-MIA
pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705069285.686549,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZaFK5AAN9yxRcwBU&_test=ZaFK5AAN9yxRcwBU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
8b3e38b3-26f9-af59-7538-600ef43c8c4c
pr-bh.ybp.yahoo.com/sync/openx/ Frame 86F5 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/8b3e38b3-26f9-af59-7538-600ef43c8c4c?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:65dd:568a:ef48:8f07 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 86F5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=472f228a-aaff-86ea-84e1-f46c63588ae5
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=472f228a-aaff-86ea-84e1-f46c63588ae5&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=472f228a-aaff-86ea-84e1-f46c63588ae5&dcc=t
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P49M2DH2SHRCQW8N0C86
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SABXEZQXYSH2X5EEE9W1
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=472f228a-aaff-86ea-84e1-f46c63588ae5&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 86F5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=1ff95ef7-b655-3d10-44ef-76fb0b6b4105&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=70451e3f-8576-44e3-b479-ae4858a3ebcb&ttd_puid=1ff95ef7-b655-3d10-44ef-76fb0b6b4105&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=70451e3f-8576-44e3-b479-ae4858a3ebcb&ttd_puid=1ff95ef7-b655-3d10-44ef-76fb0b6b4105&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
Protocol
H3
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=70451e3f-8576-44e3-b479-ae4858a3ebcb&ttd_puid=1ff95ef7-b655-3d10-44ef-76fb0b6b4105&gdpr=0&gdpr_consent=
date
Fri, 12 Jan 2024 14:21:24 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 86F5 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzM5NjhkM2QtN2YyMi02M2I0LTUxMGYtMmM0MmMxODk4ZjY1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 86F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJoWfCmUy0fS4vkwvf1J37s&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJoWfCmUy0fS4vkwvf1J37s&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=7e872606-a65a-463e-adc2-6ddfd0bdaeea&ph=0fd68730-06b2-46ad-be0b-befc4c4f19d2&r=https://exchange.pubnation.com/usersync/redirect?partner=openx&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=
Protocol
H3
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJoWfCmUy0fS4vkwvf1J37s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame A304
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=1153590972671537316&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=1153590972671537316&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Jan 2024 14:21:24 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=1153590972671537316&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 1E06 		170 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83ODRlMjc5NS0wYjYwLTRjOTItYTVhYS0xODBlZTkwMDFmYTc=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FA73 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48145
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
Sat, 13 Jan 2024 03:43:49 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sd
us-u.openx.net/w/1.0/ Frame 4F6A
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=00776a12-e42f-015e-327a-edbaef594f34&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZaFK5MQcy7kiseXRetkkMe6q
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZaFK5MQcy7kiseXRetkkMe6q
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 14:21:24 GMT
server
Aorta/20231219.0f0182a99
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZaFK5MQcy7kiseXRetkkMe6q
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
c8c744f3c5a1
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 4F6A
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=wK_Uyx_ThD6imzpM2HJ7vw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.186.253.211 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4F6A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=cecae5ce-b346-4859-99db-46f18af7e69b
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=cecae5ce-b346-4859-99db-46f18af7e69b
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=cecae5ce-b346-4859-99db-46f18af7e69b
Date
Fri, 12 Jan 2024 14:21:24 GMT
Connection
keep-alive
X-CI-RTID
d71458c5-8e6d-4c10-9fe5-3f737df56dea
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 4F6A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=f2d37a63-f662-43ed-b1f2-c0d48c1ca65d-65a14ae4-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=f2d37a63-f662-43ed-b1f2-c0d48c1ca65d-65a14ae4-5553&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=f2d37a63-f662-43ed-b1f2-c0d48c1ca65d-65a14ae4-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 4F6A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=19872d0b-ed52-0097-0e0e-ee2d38e78009
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=19872d0b-ed52-0097-0e0e-ee2d38e78009
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=19872d0b-ed52-0097-0e0e-ee2d38e78009
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Fri, 12 Jan 2024 14:21:24 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=19872d0b-ed52-0097-0e0e-ee2d38e78009
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 9293
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=70451e3f-8576-44e3-b479-ae4858a3ebcb
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=70451e3f-8576-44e3-b479-ae4858a3ebcb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Jan 2024 14:21:24 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Fri, 12 Jan 2024 14:21:24 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=70451e3f-8576-44e3-b479-ae4858a3ebcb
server
Kestrel
usersync
usersync.gumgum.com/ Frame 539B
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaFK5cCo5sMAALTC2e0AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZaFK5cCo5sMAALTC2e0AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Jan 2024 14:21:25 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 12 Jan 2024 14:21:25 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZaFK5cCo5sMAALTC2e0AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad146.dc4p.scaleout.jp
X-SO-IP
38.132.118.69
X-SO-Key
ZaFK5cCo5sMAALTC2e0AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.69","key":"ZaFK5cCo5sMAALTC2e0AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad146"}
X-SO-LB-Hostname
a-tgng40005.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad146
usersync
usersync.gumgum.com/ Frame 2816
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=vbKPo6BZzg43kT8Uf3YS5UeqoimMo025DM5gfrcAftI&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=vbKPo6BZzg43kT8Uf3YS5UeqoimMo025DM5gfrcAftI&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 12 Jan 2024 14:21:25 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 12 Jan 2024 14:21:25 GMT Fri, 12 Jan 2024 14:21:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=vbKPo6BZzg43kT8Uf3YS5UeqoimMo025DM5gfrcAftI&pi=gumgum&tc=1
pragma
no-cache
ads
securepubads.g.doubleclick.net/gampad/ 		289 KB
84 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1043877398072632&correlator=4364637407770287&eid=44809527%2C31080255%2C95320409%2C31080405%2C31080116&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=22794612459%3A3029686%2Cquotefancy%2Ccontent&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C728x90%7C336x280%7C468x60%7C250x250%7C320x50%2C320x50%7C300x250%7C728x90%7C336x280%7C468x60%7C250x250%7C320x50%2C320x50%7C300x250%7C728x90%7C336x280%7C468x60%7C250x250%7C320x50&fluid=height%2Cheight%2Cheight&ifi=2&sfv=1-0-40&fsbs=1%2C1%2C1&eri=5&sc=1&cookie=ID%3D0324a50cb00b36be%3AT%3D1705069283%3ART%3D1705069283%3AS%3DALNI_MaqP-CJdDXLp4wLv0uFowQabCq9Mg&cdm=arvan.arv1.arv1.vai2app.site&gpic=UID%3D00000db69ebe51a5%3AT%3D1705069283%3ART%3D1705069283%3AS%3DALNI_MYFqq1HhoitSe4uhF2bgBGF1yKDTw&abxe=1&dt=1705069284512&adxs=640%2C640%2C640&adys=1704%2C3264%2C4824&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3&ucis=2%7C3%7C4&oid=2&tos=~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fquotefancy.com%2F&loc=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&vis=1&psz=300x-1%7C300x-1%7C300x-1&msz=300x-1%7C300x-1%7C300x-1&fws=4%2C4%2C4&ohw=300%2C300%2C300&ga_vid=1879337364.1705069277&ga_sid=1705069284&ga_hid=290197914&ga_fc=true&dlt=1705069276446&idt=6905&prev_scp=maxVelocity%3D801%26hb_bidder%3Dopenx_s2s%26hb_adid%3D70c3a80553616ea%26hb_pb%3D0.17%26hb_sdef_set%3D0.963692%26hb_bid%3D0.17%26hb_bsbid%3D0.16898085000000002%26hb_safeframe%3D1%26hb_s2sBidder%3Dopenx%26hb_liv%3D4%26hb_ub%3D0.17%26hb_size%3D728x90%26sales_cat%3D239%26sales_safety%3DGGT0%26sales_kw%3Dquotefancy%252Cbeautiful%2520wallpapers%252Cinspirational%2520quotes%252Cfree%2520download%252Cmotivational%2520quote%252Cwallpaper%252Chigh-resolution%2520image%252Cspace%252Cprintable%2520poster%26partnerLift%3DcriteoE3M3%2CebOff%26slot_id%3Dcontent_btf%26hb_count%3D1%26hb_pool%3D1%26hb_pmp%3D0%26UR%3D17%26URP%3D138%26OE%3D0%26google%3D1%26native%3D1%26slot_number%3D1%26slot%3Dcontent_btf%26arrival%3D0%26refresh%3D0%26sspm%3D0%26bidFloor%3D0.16%26ccpa%3D1---%26timeout%3Dcontent_lazy_d_2801%26gid%3D0%26inview%3D1%26adomain%3Dprogressive.com%26grow_state%3D1%26dsp_id%3D537073292%263pc%3D1%26illr%3D0%26gpp%3D0-0-0%7CmaxVelocity%3D801%26sales_cat%3D239%26sales_safety%3DGGT0%26sales_kw%3Dquotefancy%252Cbeautiful%2520wallpapers%252Cinspirational%2520quotes%252Cfree%2520download%252Cmotivational%2520quote%252Cwallpaper%252Chigh-resolution%2520image%252Cspace%252Cprintable%2520poster%26partnerLift%3DcriteoE3M3%2CebOff%26hb_bid%3Dno_bid%26slot_id%3Dcontent_2_btf%26hb_bidder%3Dno_bidder_0%26hb_count%3D0%26hb_pool%3D0%26hb_pmp%3D0%26UR%3D16%26URP%3D138%26OE%3D0%26google%3D1%26native%3D1%26slot_number%3D2%26slot%3Dcontent_btf%26arrival%3D0%26refresh%3D0%26bidFloor%3D0.16%26ccpa%3D1---%26timeout%3Dcontent_lazy_d_2801%26gid%3D0%26inview%3D1%26grow_state%3D1%263pc%3D1%26illr%3D0%26gpp%3D0-0-0%7CmaxVelocity%3D801%26hb_pb_openx_s2s%3D0.16%26sales_cat%3D239%26sales_safety%3DGGT0%26sales_kw%3Dquotefancy%252Cbeautiful%2520wallpapers%252Cinspirational%2520quotes%252Cfree%2520download%252Cmotivational%2520quote%252Cwallpaper%252Chigh-resolution%2520image%252Cspace%252Cprintable%2520poster%26partnerLift%3DcriteoE3M3%2CebOff%26hb_bid%3Dno_bid%26slot_id%3Dcontent_3_btf%26hb_bidder%3Dno_bidder_0%26hb_count%3D0%26hb_pool%3D0%26hb_pmp%3D0%26UR%3D16%26URP%3D138%26OE%3D0%26google%3D1%26native%3D1%26slot_number%3D3%26slot%3Dcontent_btf%26arrival%3D0%26refresh%3D0%26bidFloor%3D0.16%26ccpa%3D1---%26timeout%3Dcontent_lazy_d_2801%26gid%3D0%26inview%3D1%26grow_state%3D1%263pc%3D1%26illr%3D0%26gpp%3D0-0-0&cust_params=site%3Dquote-fancy%26path%3D%252F%26secure%3D1%26sessiondepth%3D1%26optout%3D%26categories%3Deducation%252Chobbies-and-interests%252Chobbies-and-interests-arts-and-crafts%26generator%3Dweb%26bucket%3D55%26referrer_url%3DDIRECT%26utm_source%3D%26utm_campaign%3D%26dow%3D5%26day%3D12%26month%3D1%26hour%3D14%26wrapper_group%3D2.94.39%26wswy%3D0%26sessionId%3D1879337364%26groupm%3D1%26browser%3DChrome%26os%3DWindows%26s2sVersion%3Dproduction&adks=3715781367%2C495426797%2C3953312689&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7116522d6277895ddf41ba03a799f251ff4717cbc8443b4f5e177ac2def9181a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85937
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://arvan.arv1.arv1.vai2app.site
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 3729
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15635?us_privacy=1---&r=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dgumgum%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Jan 2024 14:21:24 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Jan 2024 14:21:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9413 		624 B
826 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxit_fyAAjAB&v=APEucNUhMBEL2hU2KGl8o517QWLdm6LGky_7VQHY2PM7QEVuyzysuKSM4lNph8KBwyOqHtFTMqAUQyA5tkaqKQ3VD6hrtAX8Qg
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
Fri, 12 Jan 2024 14:21:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5912 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 14:21:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5912 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AgD6C89Jm5r76YIintOCEdlJzYqmiY1Du7RDy9qaA0Y1jVb278lEmf7N5ZbiwuO1Qm1uuefF3ASLsrx9bGtnYTmumXtnNLvodEgiFQ466jq5FOLOk
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 5912 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:02:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
55144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:02:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 5912 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:02:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
55144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:02:20 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5912 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 14:21:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D3D8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
47233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 01:14:11 GMT
expires
Sat, 11 Jan 2025 01:14:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F3F5 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::63 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
802c58c000f93a53f77bce1b6967ac5f36bc7295303fd9162bb20834dc881baf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-caKxZDd-JUgkWxl2Y9N29w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-caKxZDd-JUgkWxl2Y9N29w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
Fri, 12 Jan 2024 14:21:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 4AA8 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pubnation&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
20438aa0ec489547807587826ee4f31f93ad314ff69c0f08a8eb1e1b8699b640

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pubnation&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 14:21:24 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Jan 2024 12:02:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=78117
Connection
keep-alive
Content-Length
10964
Expires
Sat, 13 Jan 2024 12:03:21 GMT
dcm
s.amazon-adsystem.com/ Frame 613F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=8CDE2E07-4406-4518-912F-270386807B48&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=8CDE2E07-4406-4518-912F-270386807B48&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=8CDE2E07-4406-4518-912F-270386807B48&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 12 Jan 2024 14:21:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3XG5J7TE28ZQGX1PKTJK

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 12 Jan 2024 14:21:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=8CDE2E07-4406-4518-912F-270386807B48&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
DSR38C0S554M7BMSVPX0
Pug
simage2.pubmatic.com/AdServer/ Frame 9669
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=dde168c2-b155-11ee-9877-b7874cadc6e0
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=dde168c2-b155-11ee-9877-b7874cadc6e0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 Jan 2024 14:21:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Fri, 12 Jan 2024 14:21:25 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=dde168c2-b155-11ee-9877-b7874cadc6e0
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-2
Pug
image2.pubmatic.com/AdServer/ Frame CD31
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEaUVFN0xRcFlBQUJXdy13cXZ2UQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADiEE7LQpYAABWw-wqvvQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3618674865577090467&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AADiEE7LQpYAABWw-wqvvQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3618674865577090467%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3618674865577090467&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=A...
  • https://sync.technoratimedia.com/services?uid=AADiEE7LQpYAABWw-wqvvQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3618674865577090467%26gdpr%3D0%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3618674865577090467&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADiEE7LQpYAABWw-wqvvQ&gdpr=0
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADiEE7LQpYAABWw-wqvvQ&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 Jan 2024 03:25:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 12 Jan 2024 14:21:26 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADiEE7LQpYAABWw-wqvvQ&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame ABD8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3856803846468436779&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3856803846468436779&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 Jan 2024 14:21:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
aa32aa14-d84c-4b4c-9b37-9f615af442a2
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3856803846468436779&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
38.132.118.69; 38.132.118.69; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
redirect
exchange.pubnation.com/usersync/ Frame AC8D 		0
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.pubnation.com/usersync/redirect?partner=pubmatic&uuid=dd2574a0-b155-11ee-8571-813a2ca4bdfa&s2sVersion=production&partnerId=8CDE2E07-4406-4518-912F-270386807B48
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 14:21:24 GMT
vary
Origin, Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9B63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jN4uB0QGRRiRLycDhoB7SA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Server
23.62.164.208 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=48145
accept-ranges
bytes
content-length
5622
expires
Sat, 13 Jan 2024 03:43:49 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 9B63
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=8CDE2E07-4406-4518-912F-270386807B48
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=8CDE2E07-4406-4518-912F-270386807B48
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f5cc8976-a193-4c27-9918-e0b494ca0d22%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=70451e3f-8576-44e3-b479-ae4858a3ebcb&ttd_puid=f5cc8976-a193-4c27-9918-e0b494ca0d22%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=70451e3f-8576-44e3-b479-ae4858a3ebcb&ttd_puid=f5cc8976-a193-4c27-9918-e0b494ca0d22%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H3
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=70451e3f-8576-44e3-b479-ae4858a3ebcb&ttd_puid=f5cc8976-a193-4c27-9918-e0b494ca0d22%2C%2C
date
Fri, 12 Jan 2024 14:21:24 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 9B63 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%208CDE2E07-4406-4518-912F-270386807B48&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 9B63 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=8CDE2E07-4406-4518-912F-270386807B48&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 12 Jan 2024 14:21:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 9B63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OENERTJFMDctNDQwNi00NTE4LTkxMkYtMjcwMzg2ODA3QjQ4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 Jan 2024 14:21:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9B63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGG23-gOGAYEoQJw6AZDiKQ&google_cver=1
42 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGG23-gOGAYEoQJw6AZDiKQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 Jan 2024 14:21:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGG23-gOGAYEoQJw6AZDiKQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9B63
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5697288BF3A14FB995EFB39A3BD7F04E
42 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5697288BF3A14FB995EFB39A3BD7F04E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 Jan 2024 14:21:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 12 Jan 2024 14:21:24 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5697288BF3A14FB995EFB39A3BD7F04E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 11 Jan 2024 14:21:24 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9B63
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=70451e3f-8576-44e3-b479-ae4858a3ebcb&gdpr=0&gdpr_consent=
42 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=70451e3f-8576-44e3-b479-ae4858a3ebcb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 Jan 2024 14:21:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=70451e3f-8576-44e3-b479-ae4858a3ebcb&gdpr=0&gdpr_consent=
date
Fri, 12 Jan 2024 14:21:24 GMT
server
Kestrel
content-length
355
8CDE2E07-4406-4518-912F-270386807B48
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9B63 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8CDE2E07-4406-4518-912F-270386807B48?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:65dd:568a:ef48:8f07 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 9B63
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8CDE2E07-4406-4518-912F-270386807B48&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bj3.V0BE2uUy.GU_Aw80cjtZwN5T5uk-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bj3.V0BE2uUy.GU_Aw80cjtZwN5T5uk-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Server
162.248.18.34 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bj3.V0BE2uUy.GU_Aw80cjtZwN5T5uk-~A&gdpr=0
date
Fri, 12 Jan 2024 14:21:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
khaos.json
token.rubiconproject.com/ Frame 4AA8 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c1df09169f58a071f2a391dff1b3307b
Expires
0
usync.js
eus.rubiconproject.com/ Frame 3729 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
20438aa0ec489547807587826ee4f31f93ad314ff69c0f08a8eb1e1b8699b640

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 14:21:24 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Jan 2024 12:02:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=78117
Connection
keep-alive
Content-Length
10964
Expires
Sat, 13 Jan 2024 12:03:21 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame D3D8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 13:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
4729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 13:02:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5912 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6127231007137&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5912 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6127231007137&version=m202309260101&ct=76&x=1&cor=3205742206882873000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5912 		109 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYlv1bkJtgWvFbO-y1Ca9zR9YVr-9XsrJRn_4ElkU8xkZZfdZRi3cJWQ8eJpuAD_S7FTV8QQbo8zqGKJkcXZdJsi3HGXQ_bkiYdPpeir5fh-RiTZ2TZcCMcqw1CYHi6ffwJAq_Gj-gUjcfm2Qwj2uwdNsl3EhXKJeNIKL-H1OI9NNIR6k&dbm_d=AKAmf-AUyt_xb4FpF56CM4OmbxzfRdf6eR_lxwF0gUQbdgALTHejALjRrcxSWJ-oGBLFT6FtTkSykOiD0igEuJZiUfKvWEMQzPKRYAPXxPe8mjKez-PVEUBD_eaU0mkmKOYzODkdwF9amazD2zjRKprZIWi5juUTxpMOgT5A6uP2mOeTgM7AxR5laF4bEcmZjTlFJXs3E5oHaXbTQCah33D2N9RspmOU1Jhs8IcoXCrRIX_wFuhL_i8v-b7L5mHjwxgngdw53-HEvypqGa24tYg2BFkuja9JTje6hoHemBh04mnaeuHV5s5ZbjAzOUXoYZugANpLDI57LggxSE98FZPf75bwWnPwitXHlQGPcLfhPl_4ZgBmDfHDqdt220XmsyMvly9mFiSwbmP5ZsKppRmhm-jAbekTE7zUGEdNVqVg17YkmfC43rD3UvDhMFaf4GeMIJl1s6Mjrtb79m4eaiW61vugS0XYZmfJ_vCjHOt5Bqv6FCLn70zXEuUPe8ZMmZYfvZMKZCtmS0EKG-iD2qTuv6-RLHyqvU0UKCXOsLr9YRhVHxLNZ6xjumZPXu7lYgaeBAZ3y0yMmlki-svFN5M1o23RyvcD_dDGAQJMeggo-ljRlYBFMk714FauidqvIlulduWO2fweeKCPdFN8Ie3hDpCszWIvRMZrmQB7P6NThZ5tLfjiZYJxy6W1pYIsxDeC3mbZPHKwhMxrNtWjvBwsjkojg-biCyuEUAEjnBjmqyXwyaCqHhkqHqVaN9qOGJhzM40XTa7EzWKX-s-TO0iL4Yfmwf4NB9tK_R5QKn00wce-sOvJvxIcUvqegx8W5hlqOO5l422hIkVB5ySqFZJnJcCubWxva3-bM7crZ6FFwGrCWPphjWKqzG50a1FUSAb4UeHBcdETj1SFWwP0Gn7Ujfx-dxBSQ1YKB3uVqTqinVdMII53xhxQ9ohUAFOQs9vSRIwNbe3VRubwYOAyX5xzFUddXIyzC1tQbF7HAjaYx46Edds6lDb_oMpff588dvAWRSBNmB2V97HSnElhlBKpAg8ovbV8JG2QS_syjP-s03uD-5QndX_UZzpqTyJMDHlqPkTm4ktUB5RiH-li0BH-gxCnUoQ8mZjGwMh6XsvMcFLaN8iJjva7lXrqCzPLR5Ad6RSaoPfP7KlszJP7aA-TB0sFxounitbgYlYxj2s91wY7LocNvDkCY4qvdLz_jQQo3S5sKDHaM9gAXe7KC0rIglLOtiAP703h3JR5nYye7gy41rUpc_Ik7icFBFuyr3AKkqQbXbnBhxVU4NSpgh_uWY7rXZfQJY8M79r7bmnL0lNWSxgvPvQQvVn0UmlJ-9mb1I9MdsmV__BeyNSNW52gMY33nrKrOKaqJoyBi88V-VhJsBg8NSlNmdeAsO-JsLfIPkbbq0amluc75vAupBPD1Kc_eCxiC35mWNC4B20XwUi9SDI63RMXw6UDemoytOEwIe9YiqpunSwkQLCr6Q0hiDPRoRuatzM6qWgfPkhFzofvw71_xHq6Y3V3mzYPKJEL2mvebFrzAx0PG3FLOTMv4fCvZ0kO8wA63mLOYt87WUDHO5qR-CkQiDeiYgJnUheLzvEdMaXMueVPGVnLxqMcRFHsPVV-usEBFpmVYwxiWhhzGh24FG8NmcjqvM5yfUUp8VnDy8kNqP4DCx7a5Mgq4fGTb0RM3qTPGXB7c4xq6RA8ShJQjXgK291gPXuu_-q7usxK8Ath4MnbEUzwuaTDO8s_UF2PTZn0f0q2zH5HeP5UUXsxAajcEi2HMm9GX7yZjULMCksSvmoFHi3I03FCxj1qkwaAdsvBg0u2gOe2--TYdKenKFHx8ZB_BvQxIPvHVQKXt8VwEJvW-UCD7uXC05MjydJo2mODbasKCGWU8qULd1Al8Z7HQVpIdrxRcrQNzQ1Ozu9j4zkqgTKRtGb9pwb_gQ9C_L3GDJHkZKzx3KPMIXj0OrRGYRJMEIsMPyc-o3FBSmpP5F6Ro69uaiLGEDEtm5S-8nFRedzFjnWDKeaeOaDDQtOgnQyZmSB-18yN2cVZHI9oF-XLd_sXj96MdW96PNXKZQIOcMb-o8VjxjWBKHCObg-cc47WQAdJyNp-zpvyYWIOcVX6UBqwpqemHM5qG_Omc46x-PwKOWWiOfw__b0Ns1Sb-VP7t5XTgbZhRXEsC3Od9KOoLw4xZC-VVw7YLD4e8Vpx9JCTwQAikVaBx544chrFISb2bkdIroz7VY1CUIChIuOhT4_913Dz6Uotznd9qAUo1fK6cJDNeDFmquWFc8d6PbVphrbpzBllyV58cEHypy7ThnWbgO6Wy_IqhZlulGXGbBnkgqy6wKZzaq1SJpRbMYSXI69WdeLTtzNBHsFtb1yg8paKdJtieK3NS1TzWCTeDgsCNsMdy23Q-q4Uc5T7wDy00SwdqLJtgmcQlX0ygqax7MKW_BPase9uRukHPmLzZ052BpVcaHAu2tlwz9C89zp5a55EkrZtzPVXFH5ZJV-2LZPtB7cTZEYXWs3iDHUGT3x6P9iNhJqo0GSbFvKxtdTjybw3MZiWr_iCqhYa3nX9O-dtDGVBWDofkWN79feEYkemZXbz_pRK1AC5xADUYAdMH6a36JO4jPxpF0Dk-UMvVTiTaSfXkeloBjPyre9gHV_nsVA65NhqV78D-33vqlLZTQ-spr7jwi_yPayNSwFgXXh_oFwYX4D8HO9i_R1zTklDgYNhICTjxqxgAwEg06pEbWHA9R4B58o9HTsG7xAr_L0eBbUw86n1Iyf45I-LTzre5gE0Q9Z9nEmgncddWT9BeIIsdmOOopDDzQj_AdrGCA3RDcPBOassjey99OLmQRz3iTiz2WLiw_kISml4MkXbib4CySjTn4CgkV_qFqiYhpFa79tAOfcirG5Dze_DiB1chzYX0OurKjdJ3fMGEGSsYyq0uUYhTrBM9CRTDAFhQ5ABQVixbcybu5FtmRW2jmz4I3_fd33ScGy_dqzbecu-5U8l6eqqjT9zfcLMve42tuJujFLaa5uKC3TiOiLZt5Q9UdBzJ0T07cFL-_5fT5n718Qyt1LaVY-h1vmefpoEjM687aALKG8Bi1sebJ-c4aN12921Zkr4iC_NWIf7nuGlWt0OgOI31wughzG4QG86YZS7in54kzg2ewRZoJ-d1bFgtAaaO84WIKtXoMXsC0Mgt7U3LR1Qg6EM3ALojZ_VWWIiRoc72cZlJ6NGHChEf79nKd7kF6wp-_8VESRLa4ifMOqqgS9Da88i_Fqko6FlbveSiXn3--SzOrVxNLuIYmlXuWcnEVxMQ_O7SgCmtPCjXf8eTSqMDDXp_UhfDYjTmOQo6ctZ44jydMkJ7zcu3R1FjKzlWvlsfcFKUrGev4HnkYBP91C6LgyQ0DEe7PmJxhX97Kk8VZADtOwmwrxgh35kRLVuaJkf3fnr6mC2jEc1JFRUQpNwoic51sumqshR9-_S14V_a0WXOCoo33G3f3N5OGEUYFlmRNtFm4o1f1M2ANr5Mu9z57QhzcO8caB9GhextkT4eSESFHRR0Q3N3OX91Ghie1K-1uK0Bv3J0q1UheCUkwmUhhp3roF29wlfPXHjQ7G55klXFxS4e-7Xd0973SJ4rRi8iplftLXeYqwZHT3XFavG2o6yBgNmH_4P9HGr8_EzpJkBC0_-M532zxwIOfXH-H62woMFV7ay_iCfz35LAcHaAEVZLFIJHhVX6ehZBGOQ9DQzB7mF8c-EK9tvrlT5h_r8EHfc4oz7KhDzQ26BILzzxBu1uIdELanSBbY79d6ljFcC0ko7Bg&cid=CAQSTgAvHhf_Jiz-yIfx7FlV9lOkriR6zu34EvP2hKKVCX_fWIZrAuyaP9aZTcEtUrlH2BkFYTEeaIw_ZIlBXXeoX4NKMz1ohsWRWgQJ_JhxyhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&ds=l&xdt=1&iif=1&cor=3205742206882873000&adk=3661671306&idt=238&cac=0&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
80567e417e36a09a448415079f0ff2bc4b2775b6b8d8b2cc9057164ea3af62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 35F0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
Sat, 11 Jan 2025 14:21:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE74 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
Sat, 11 Jan 2025 14:21:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C0AA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 14:21:24 GMT
expires
Sat, 11 Jan 2025 14:21:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 9413
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxit_fyAAjAB&v=APEucNUhMBEL2hU2KGl8o517QWLdm6LGky_7VQHY2PM7QEVuyzysuKSM4lNph8KBwyOqHtFTMqAUQyA5tkaqKQ3VD6hrtAX8Qg
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0C%2BcWKNtdJTpcMNRc2V%2FQ0nx7LzP3vfIixAOHI0En34Kdm%2FMMBpBXEluaX%2BuY3YQf2zsr%2FrCvEqDN3a0jMxOyioMHD3qZl0RtiMU8xK2zrVlAuNO6XLGu0%2Fq7BApGHo5TTHd4CsXbRGJzA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84460bb90a6c9aba-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9413
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaFK5Nv31rY90DfpRZT2bAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxit_fyAAjAB&v=APEucNUhMBEL2hU2KGl8o517QWLdm6LGky_7VQHY2PM7QEVuyzysuKSM4lNph8KBwyOqHtFTMqAUQyA5tkaqKQ3VD6hrtAX8Qg
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1CyDsvbciBjzfSR7N3XjOQmqzSyWp3OtvYd%2BsYSPRA2TI%2FXKeP7itFPeO%2FzegZYwtWiy7kX3Ugn0gYJzaUWvo4XKfsHxrA333I3tvlGvsvP9MMeJxd2ayqmcZQ4XHx4CUcfFsnlucuj2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84460bb98b719aba-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9413
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEInb13h8OkGXpalclHmGkQA&google_cver=1
43 B
1011 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEInb13h8OkGXpalclHmGkQA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxit_fyAAjAB&v=APEucNUhMBEL2hU2KGl8o517QWLdm6LGky_7VQHY2PM7QEVuyzysuKSM4lNph8KBwyOqHtFTMqAUQyA5tkaqKQ3VD6hrtAX8Qg
Protocol
H2
Server
68.67.160.114 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
an-x-request-uuid
6d2cf408-02d2-4122-90d4-b4a8fb42af92
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.69; 38.132.118.69; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEInb13h8OkGXpalclHmGkQA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9413
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1NjgwMzg0NjQ2ODQzNjc3OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1NjgwMzg0NjQ2ODQzNjc3OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGpfRDM07aKAxit_fyAAjAB&v=APEucNUhMBEL2hU2KGl8o517QWLdm6LGky_7VQHY2PM7QEVuyzysuKSM4lNph8KBwyOqHtFTMqAUQyA5tkaqKQ3VD6hrtAX8Qg
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
an-x-request-uuid
b062ed24-7425-4fa0-8b06-55cbd3210846
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1NjgwMzg0NjQ2ODQzNjc3OQ%3D%3D
x-proxy-origin
38.132.118.69; 38.132.118.69; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 3729 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1880958/77369971/ Frame 5912 		269 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1880958/77369971/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015449892&ias_pubId=pub-6445234841753687&ias_chanId=1&ias_placementId=20881761062&bidurl=https://quotefancy.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gcON_Cvc9xyie0F_rXctbk
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.158.204 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 5912 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
Origin
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 15:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 15:29:08 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 5912 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYlv1bkJtgWvFbO-y1Ca9zR9YVr-9XsrJRn_4ElkU8xkZZfdZRi3cJWQ8eJpuAD_S7FTV8QQbo8zqGKJkcXZdJsi3HGXQ_bkiYdPpeir5fh-RiTZ2TZcCMcqw1CYHi6ffwJAq_Gj-gUjcfm2Qwj2uwdNsl3EhXKJeNIKL-H1OI9NNIR6k&dbm_d=AKAmf-AUyt_xb4FpF56CM4OmbxzfRdf6eR_lxwF0gUQbdgALTHejALjRrcxSWJ-oGBLFT6FtTkSykOiD0igEuJZiUfKvWEMQzPKRYAPXxPe8mjKez-PVEUBD_eaU0mkmKOYzODkdwF9amazD2zjRKprZIWi5juUTxpMOgT5A6uP2mOeTgM7AxR5laF4bEcmZjTlFJXs3E5oHaXbTQCah33D2N9RspmOU1Jhs8IcoXCrRIX_wFuhL_i8v-b7L5mHjwxgngdw53-HEvypqGa24tYg2BFkuja9JTje6hoHemBh04mnaeuHV5s5ZbjAzOUXoYZugANpLDI57LggxSE98FZPf75bwWnPwitXHlQGPcLfhPl_4ZgBmDfHDqdt220XmsyMvly9mFiSwbmP5ZsKppRmhm-jAbekTE7zUGEdNVqVg17YkmfC43rD3UvDhMFaf4GeMIJl1s6Mjrtb79m4eaiW61vugS0XYZmfJ_vCjHOt5Bqv6FCLn70zXEuUPe8ZMmZYfvZMKZCtmS0EKG-iD2qTuv6-RLHyqvU0UKCXOsLr9YRhVHxLNZ6xjumZPXu7lYgaeBAZ3y0yMmlki-svFN5M1o23RyvcD_dDGAQJMeggo-ljRlYBFMk714FauidqvIlulduWO2fweeKCPdFN8Ie3hDpCszWIvRMZrmQB7P6NThZ5tLfjiZYJxy6W1pYIsxDeC3mbZPHKwhMxrNtWjvBwsjkojg-biCyuEUAEjnBjmqyXwyaCqHhkqHqVaN9qOGJhzM40XTa7EzWKX-s-TO0iL4Yfmwf4NB9tK_R5QKn00wce-sOvJvxIcUvqegx8W5hlqOO5l422hIkVB5ySqFZJnJcCubWxva3-bM7crZ6FFwGrCWPphjWKqzG50a1FUSAb4UeHBcdETj1SFWwP0Gn7Ujfx-dxBSQ1YKB3uVqTqinVdMII53xhxQ9ohUAFOQs9vSRIwNbe3VRubwYOAyX5xzFUddXIyzC1tQbF7HAjaYx46Edds6lDb_oMpff588dvAWRSBNmB2V97HSnElhlBKpAg8ovbV8JG2QS_syjP-s03uD-5QndX_UZzpqTyJMDHlqPkTm4ktUB5RiH-li0BH-gxCnUoQ8mZjGwMh6XsvMcFLaN8iJjva7lXrqCzPLR5Ad6RSaoPfP7KlszJP7aA-TB0sFxounitbgYlYxj2s91wY7LocNvDkCY4qvdLz_jQQo3S5sKDHaM9gAXe7KC0rIglLOtiAP703h3JR5nYye7gy41rUpc_Ik7icFBFuyr3AKkqQbXbnBhxVU4NSpgh_uWY7rXZfQJY8M79r7bmnL0lNWSxgvPvQQvVn0UmlJ-9mb1I9MdsmV__BeyNSNW52gMY33nrKrOKaqJoyBi88V-VhJsBg8NSlNmdeAsO-JsLfIPkbbq0amluc75vAupBPD1Kc_eCxiC35mWNC4B20XwUi9SDI63RMXw6UDemoytOEwIe9YiqpunSwkQLCr6Q0hiDPRoRuatzM6qWgfPkhFzofvw71_xHq6Y3V3mzYPKJEL2mvebFrzAx0PG3FLOTMv4fCvZ0kO8wA63mLOYt87WUDHO5qR-CkQiDeiYgJnUheLzvEdMaXMueVPGVnLxqMcRFHsPVV-usEBFpmVYwxiWhhzGh24FG8NmcjqvM5yfUUp8VnDy8kNqP4DCx7a5Mgq4fGTb0RM3qTPGXB7c4xq6RA8ShJQjXgK291gPXuu_-q7usxK8Ath4MnbEUzwuaTDO8s_UF2PTZn0f0q2zH5HeP5UUXsxAajcEi2HMm9GX7yZjULMCksSvmoFHi3I03FCxj1qkwaAdsvBg0u2gOe2--TYdKenKFHx8ZB_BvQxIPvHVQKXt8VwEJvW-UCD7uXC05MjydJo2mODbasKCGWU8qULd1Al8Z7HQVpIdrxRcrQNzQ1Ozu9j4zkqgTKRtGb9pwb_gQ9C_L3GDJHkZKzx3KPMIXj0OrRGYRJMEIsMPyc-o3FBSmpP5F6Ro69uaiLGEDEtm5S-8nFRedzFjnWDKeaeOaDDQtOgnQyZmSB-18yN2cVZHI9oF-XLd_sXj96MdW96PNXKZQIOcMb-o8VjxjWBKHCObg-cc47WQAdJyNp-zpvyYWIOcVX6UBqwpqemHM5qG_Omc46x-PwKOWWiOfw__b0Ns1Sb-VP7t5XTgbZhRXEsC3Od9KOoLw4xZC-VVw7YLD4e8Vpx9JCTwQAikVaBx544chrFISb2bkdIroz7VY1CUIChIuOhT4_913Dz6Uotznd9qAUo1fK6cJDNeDFmquWFc8d6PbVphrbpzBllyV58cEHypy7ThnWbgO6Wy_IqhZlulGXGbBnkgqy6wKZzaq1SJpRbMYSXI69WdeLTtzNBHsFtb1yg8paKdJtieK3NS1TzWCTeDgsCNsMdy23Q-q4Uc5T7wDy00SwdqLJtgmcQlX0ygqax7MKW_BPase9uRukHPmLzZ052BpVcaHAu2tlwz9C89zp5a55EkrZtzPVXFH5ZJV-2LZPtB7cTZEYXWs3iDHUGT3x6P9iNhJqo0GSbFvKxtdTjybw3MZiWr_iCqhYa3nX9O-dtDGVBWDofkWN79feEYkemZXbz_pRK1AC5xADUYAdMH6a36JO4jPxpF0Dk-UMvVTiTaSfXkeloBjPyre9gHV_nsVA65NhqV78D-33vqlLZTQ-spr7jwi_yPayNSwFgXXh_oFwYX4D8HO9i_R1zTklDgYNhICTjxqxgAwEg06pEbWHA9R4B58o9HTsG7xAr_L0eBbUw86n1Iyf45I-LTzre5gE0Q9Z9nEmgncddWT9BeIIsdmOOopDDzQj_AdrGCA3RDcPBOassjey99OLmQRz3iTiz2WLiw_kISml4MkXbib4CySjTn4CgkV_qFqiYhpFa79tAOfcirG5Dze_DiB1chzYX0OurKjdJ3fMGEGSsYyq0uUYhTrBM9CRTDAFhQ5ABQVixbcybu5FtmRW2jmz4I3_fd33ScGy_dqzbecu-5U8l6eqqjT9zfcLMve42tuJujFLaa5uKC3TiOiLZt5Q9UdBzJ0T07cFL-_5fT5n718Qyt1LaVY-h1vmefpoEjM687aALKG8Bi1sebJ-c4aN12921Zkr4iC_NWIf7nuGlWt0OgOI31wughzG4QG86YZS7in54kzg2ewRZoJ-d1bFgtAaaO84WIKtXoMXsC0Mgt7U3LR1Qg6EM3ALojZ_VWWIiRoc72cZlJ6NGHChEf79nKd7kF6wp-_8VESRLa4ifMOqqgS9Da88i_Fqko6FlbveSiXn3--SzOrVxNLuIYmlXuWcnEVxMQ_O7SgCmtPCjXf8eTSqMDDXp_UhfDYjTmOQo6ctZ44jydMkJ7zcu3R1FjKzlWvlsfcFKUrGev4HnkYBP91C6LgyQ0DEe7PmJxhX97Kk8VZADtOwmwrxgh35kRLVuaJkf3fnr6mC2jEc1JFRUQpNwoic51sumqshR9-_S14V_a0WXOCoo33G3f3N5OGEUYFlmRNtFm4o1f1M2ANr5Mu9z57QhzcO8caB9GhextkT4eSESFHRR0Q3N3OX91Ghie1K-1uK0Bv3J0q1UheCUkwmUhhp3roF29wlfPXHjQ7G55klXFxS4e-7Xd0973SJ4rRi8iplftLXeYqwZHT3XFavG2o6yBgNmH_4P9HGr8_EzpJkBC0_-M532zxwIOfXH-H62woMFV7ay_iCfz35LAcHaAEVZLFIJHhVX6ehZBGOQ9DQzB7mF8c-EK9tvrlT5h_r8EHfc4oz7KhDzQ26BILzzxBu1uIdELanSBbY79d6ljFcC0ko7Bg&cid=CAQSTgAvHhf_Jiz-yIfx7FlV9lOkriR6zu34EvP2hKKVCX_fWIZrAuyaP9aZTcEtUrlH2BkFYTEeaIw_ZIlBXXeoX4NKMz1ohsWRWgQJ_JhxyhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&ds=l&xdt=1&iif=1&cor=3205742206882873000&adk=3661671306&idt=238&cac=0&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:20:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
72075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:20:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 5912 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYlv1bkJtgWvFbO-y1Ca9zR9YVr-9XsrJRn_4ElkU8xkZZfdZRi3cJWQ8eJpuAD_S7FTV8QQbo8zqGKJkcXZdJsi3HGXQ_bkiYdPpeir5fh-RiTZ2TZcCMcqw1CYHi6ffwJAq_Gj-gUjcfm2Qwj2uwdNsl3EhXKJeNIKL-H1OI9NNIR6k&dbm_d=AKAmf-AUyt_xb4FpF56CM4OmbxzfRdf6eR_lxwF0gUQbdgALTHejALjRrcxSWJ-oGBLFT6FtTkSykOiD0igEuJZiUfKvWEMQzPKRYAPXxPe8mjKez-PVEUBD_eaU0mkmKOYzODkdwF9amazD2zjRKprZIWi5juUTxpMOgT5A6uP2mOeTgM7AxR5laF4bEcmZjTlFJXs3E5oHaXbTQCah33D2N9RspmOU1Jhs8IcoXCrRIX_wFuhL_i8v-b7L5mHjwxgngdw53-HEvypqGa24tYg2BFkuja9JTje6hoHemBh04mnaeuHV5s5ZbjAzOUXoYZugANpLDI57LggxSE98FZPf75bwWnPwitXHlQGPcLfhPl_4ZgBmDfHDqdt220XmsyMvly9mFiSwbmP5ZsKppRmhm-jAbekTE7zUGEdNVqVg17YkmfC43rD3UvDhMFaf4GeMIJl1s6Mjrtb79m4eaiW61vugS0XYZmfJ_vCjHOt5Bqv6FCLn70zXEuUPe8ZMmZYfvZMKZCtmS0EKG-iD2qTuv6-RLHyqvU0UKCXOsLr9YRhVHxLNZ6xjumZPXu7lYgaeBAZ3y0yMmlki-svFN5M1o23RyvcD_dDGAQJMeggo-ljRlYBFMk714FauidqvIlulduWO2fweeKCPdFN8Ie3hDpCszWIvRMZrmQB7P6NThZ5tLfjiZYJxy6W1pYIsxDeC3mbZPHKwhMxrNtWjvBwsjkojg-biCyuEUAEjnBjmqyXwyaCqHhkqHqVaN9qOGJhzM40XTa7EzWKX-s-TO0iL4Yfmwf4NB9tK_R5QKn00wce-sOvJvxIcUvqegx8W5hlqOO5l422hIkVB5ySqFZJnJcCubWxva3-bM7crZ6FFwGrCWPphjWKqzG50a1FUSAb4UeHBcdETj1SFWwP0Gn7Ujfx-dxBSQ1YKB3uVqTqinVdMII53xhxQ9ohUAFOQs9vSRIwNbe3VRubwYOAyX5xzFUddXIyzC1tQbF7HAjaYx46Edds6lDb_oMpff588dvAWRSBNmB2V97HSnElhlBKpAg8ovbV8JG2QS_syjP-s03uD-5QndX_UZzpqTyJMDHlqPkTm4ktUB5RiH-li0BH-gxCnUoQ8mZjGwMh6XsvMcFLaN8iJjva7lXrqCzPLR5Ad6RSaoPfP7KlszJP7aA-TB0sFxounitbgYlYxj2s91wY7LocNvDkCY4qvdLz_jQQo3S5sKDHaM9gAXe7KC0rIglLOtiAP703h3JR5nYye7gy41rUpc_Ik7icFBFuyr3AKkqQbXbnBhxVU4NSpgh_uWY7rXZfQJY8M79r7bmnL0lNWSxgvPvQQvVn0UmlJ-9mb1I9MdsmV__BeyNSNW52gMY33nrKrOKaqJoyBi88V-VhJsBg8NSlNmdeAsO-JsLfIPkbbq0amluc75vAupBPD1Kc_eCxiC35mWNC4B20XwUi9SDI63RMXw6UDemoytOEwIe9YiqpunSwkQLCr6Q0hiDPRoRuatzM6qWgfPkhFzofvw71_xHq6Y3V3mzYPKJEL2mvebFrzAx0PG3FLOTMv4fCvZ0kO8wA63mLOYt87WUDHO5qR-CkQiDeiYgJnUheLzvEdMaXMueVPGVnLxqMcRFHsPVV-usEBFpmVYwxiWhhzGh24FG8NmcjqvM5yfUUp8VnDy8kNqP4DCx7a5Mgq4fGTb0RM3qTPGXB7c4xq6RA8ShJQjXgK291gPXuu_-q7usxK8Ath4MnbEUzwuaTDO8s_UF2PTZn0f0q2zH5HeP5UUXsxAajcEi2HMm9GX7yZjULMCksSvmoFHi3I03FCxj1qkwaAdsvBg0u2gOe2--TYdKenKFHx8ZB_BvQxIPvHVQKXt8VwEJvW-UCD7uXC05MjydJo2mODbasKCGWU8qULd1Al8Z7HQVpIdrxRcrQNzQ1Ozu9j4zkqgTKRtGb9pwb_gQ9C_L3GDJHkZKzx3KPMIXj0OrRGYRJMEIsMPyc-o3FBSmpP5F6Ro69uaiLGEDEtm5S-8nFRedzFjnWDKeaeOaDDQtOgnQyZmSB-18yN2cVZHI9oF-XLd_sXj96MdW96PNXKZQIOcMb-o8VjxjWBKHCObg-cc47WQAdJyNp-zpvyYWIOcVX6UBqwpqemHM5qG_Omc46x-PwKOWWiOfw__b0Ns1Sb-VP7t5XTgbZhRXEsC3Od9KOoLw4xZC-VVw7YLD4e8Vpx9JCTwQAikVaBx544chrFISb2bkdIroz7VY1CUIChIuOhT4_913Dz6Uotznd9qAUo1fK6cJDNeDFmquWFc8d6PbVphrbpzBllyV58cEHypy7ThnWbgO6Wy_IqhZlulGXGbBnkgqy6wKZzaq1SJpRbMYSXI69WdeLTtzNBHsFtb1yg8paKdJtieK3NS1TzWCTeDgsCNsMdy23Q-q4Uc5T7wDy00SwdqLJtgmcQlX0ygqax7MKW_BPase9uRukHPmLzZ052BpVcaHAu2tlwz9C89zp5a55EkrZtzPVXFH5ZJV-2LZPtB7cTZEYXWs3iDHUGT3x6P9iNhJqo0GSbFvKxtdTjybw3MZiWr_iCqhYa3nX9O-dtDGVBWDofkWN79feEYkemZXbz_pRK1AC5xADUYAdMH6a36JO4jPxpF0Dk-UMvVTiTaSfXkeloBjPyre9gHV_nsVA65NhqV78D-33vqlLZTQ-spr7jwi_yPayNSwFgXXh_oFwYX4D8HO9i_R1zTklDgYNhICTjxqxgAwEg06pEbWHA9R4B58o9HTsG7xAr_L0eBbUw86n1Iyf45I-LTzre5gE0Q9Z9nEmgncddWT9BeIIsdmOOopDDzQj_AdrGCA3RDcPBOassjey99OLmQRz3iTiz2WLiw_kISml4MkXbib4CySjTn4CgkV_qFqiYhpFa79tAOfcirG5Dze_DiB1chzYX0OurKjdJ3fMGEGSsYyq0uUYhTrBM9CRTDAFhQ5ABQVixbcybu5FtmRW2jmz4I3_fd33ScGy_dqzbecu-5U8l6eqqjT9zfcLMve42tuJujFLaa5uKC3TiOiLZt5Q9UdBzJ0T07cFL-_5fT5n718Qyt1LaVY-h1vmefpoEjM687aALKG8Bi1sebJ-c4aN12921Zkr4iC_NWIf7nuGlWt0OgOI31wughzG4QG86YZS7in54kzg2ewRZoJ-d1bFgtAaaO84WIKtXoMXsC0Mgt7U3LR1Qg6EM3ALojZ_VWWIiRoc72cZlJ6NGHChEf79nKd7kF6wp-_8VESRLa4ifMOqqgS9Da88i_Fqko6FlbveSiXn3--SzOrVxNLuIYmlXuWcnEVxMQ_O7SgCmtPCjXf8eTSqMDDXp_UhfDYjTmOQo6ctZ44jydMkJ7zcu3R1FjKzlWvlsfcFKUrGev4HnkYBP91C6LgyQ0DEe7PmJxhX97Kk8VZADtOwmwrxgh35kRLVuaJkf3fnr6mC2jEc1JFRUQpNwoic51sumqshR9-_S14V_a0WXOCoo33G3f3N5OGEUYFlmRNtFm4o1f1M2ANr5Mu9z57QhzcO8caB9GhextkT4eSESFHRR0Q3N3OX91Ghie1K-1uK0Bv3J0q1UheCUkwmUhhp3roF29wlfPXHjQ7G55klXFxS4e-7Xd0973SJ4rRi8iplftLXeYqwZHT3XFavG2o6yBgNmH_4P9HGr8_EzpJkBC0_-M532zxwIOfXH-H62woMFV7ay_iCfz35LAcHaAEVZLFIJHhVX6ehZBGOQ9DQzB7mF8c-EK9tvrlT5h_r8EHfc4oz7KhDzQ26BILzzxBu1uIdELanSBbY79d6ljFcC0ko7Bg&cid=CAQSTgAvHhf_Jiz-yIfx7FlV9lOkriR6zu34EvP2hKKVCX_fWIZrAuyaP9aZTcEtUrlH2BkFYTEeaIw_ZIlBXXeoX4NKMz1ohsWRWgQJ_JhxyhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&ds=l&xdt=1&iif=1&cor=3205742206882873000&adk=3661671306&idt=238&cac=0&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:22:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
68318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:22:47 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5912 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 05:46:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
376482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 05:46:43 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 99E3 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEY05y7_AEwAQ&v=APEucNXC7w7IpMZJMe3sgTT92TqLgjrPmAuaEZfJ3tSRSTQ2rQHakTH-NAo3DoUZot4JFX1GgFR4lP0dGy6nBEctXOMY6X5PRg
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 14:21:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 35F0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
39177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 03:28:28 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 35F0 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:34:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
67627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:34:18 GMT
view
ad.doubleclick.net/pcs/ Frame 35F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssLzDKofUWsOP7dGOoJAM3vAuNerts0PTd6VCp3FLFmvLKNrXWn-srBFg8n4AvBtctJd_V5PeQhGMHq_1GNhQch4K63HgAya9cuTz00QVpm3MPB3mzA8vo_EdiirWpBvZjceSPd42xU1nMfehGOdn0POwRnBMzuMMwJoglTwLnJFIDM-B2ILRczVIGCLR-D9n5LlEn3qf59eZxzbd8ZcOb4VOXP2kh169VIFD2zZ03j_8G3RjwzpnIXgwEZzyUBhP1c-29e5zmuBP3M3KWC48ftz8sLV8D9lzwX05yzhuCyBq-ouUMdADXBCs3A5YXqd3beY_WD1B8LrOC-Ynb6nA-_MHnOv7TrLPbTiN7-NNJdE8ggY0RUTegC31nKTW_rbmJlgt0-k32p4nFsVQfgYn7IVzmb_prrY90B0Utnx67ZfJ7SSRklD1YYJriLZfFPZdkKxv_BGX8FeriK2RwWaMpM5dvV7_5EoCs3Nl2vOs9IMBolWEakySXMBSfOsBFiWRig4ISB2834KEB76PFytFf4rSJu3PZdi0aV9tYnrgQqrr9xcji6bcyCS12z2BI6nHRxc1oFTV2eDFA2RtCmqbTsUD5UnNHslMnBNVwPXiVq5QzPgYECFDetEs9Q8Urz9Hu6-rAIDekZOqthpZmeDoTCXS8O-d7Ux07So7d1m_pAtZPl54VBPkffsXu7Z3R3kKFwGNrsje9eux9ifqHDIHRkxZ04BfIdpegXj9zcr1xNWF1Kmy1RJtsaMrurmSm3swbYkPRQ3kNduCNzJNujEUKmWTQc2A3LyPQEjy59nMvZs_c-OFNWqmpHCLej6tFcIA9Kw4uBc_30eXYUQ8t0qA3rYCAfUzbAgAs3yDH9wIJ86gvOZt0ozsYCyvVGyed6o0xVPyqQnzNv4x1g5sZeyQ6EcC3smNIZSarNj68xj3s23v_nIVbP2sKuC20qsDiggjnviRpUDac5jL3oV94KaJmV0KknmzGD9sq_htFpSY1JmR8oGLMit2Enb9oeDVbm3wMWYcn-Anq0PET8hXtJY3b1ciZx1VmM3uy0EXUmTKcbtMGXc5mHh_cBgtkuDQmLLOFTCtqcWsH_gZFbCQ8P50rFE_7g7FzXDc_VfWO6tsOOb0aXDvar8lIzz6B0dCYWcEeUx0IYFTDjmzjcF9wfSi-SBUVkzJRBXOIUmNBAegU7cK1qbGqucTtdYi2vcu7zyQriTkCVxJNFsq0oo1jsbtyQuYGgTtAHeAoUPxkgzXoW5j3om7PmvSyJP1VSNv7nMXAAFvSV_x7Fox0jy9S7J1P2L2C1S2r4YRMQuBHvhCOE87K4E2Aw_kBlXZF02fA2bIgWJd_aZdSz7zHllXzCuRI3MYlYuvJRI6sXlSE9p9SvmZUDvg94DJXSxUHRK9BWMyJHVgRhMI_1Jw&sai=AMfl-YTvIlPou0b1vQ6leQZi1sArspqrTgxns9kOibEYEqrofTmLczI1mgEkcVnb8Ajw3CsIh5xJSRt66WA0ApSFT-ChEtJeQF9hbidOQmVAFieQ1RQ4jUzD18pCJewdRvZMCBzp03Xg5y7LHfY0EMb1378DeDGFCgsSm8pjpqMWf_x_WCxEHUF4EzsXehGh5lFevzuGuGH16j3E13DDF1yy-8fx8EYuzTPctLGbOUUezt622wq_PHVjjiee9X0Y2-MVpUSVADn9vXP0xa5D8pgKRpAWuytfid3_rzTfSAciQDSD7Q08ge0FOaAjESWZiyqhhJbq8paSxLgGw4G1sLvQUAVIpfZV-oyAjoda3wXzok0Ws7s9JNew0dkfjDlXq1Wk84STqnuIHKsc2zhZfiTZtxViJX-7fY1yWyj67gQ5&sig=Cg0ArKJSzF5DbsByIBcrEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9oaXNjb3guY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240109.36469&arae=0&ftch=1&adurl=
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.149 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 14:21:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
analytics.js
s.cdnsynd.com/2/641959/ Frame 35F0 		0
64 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cdnsynd.com/2/641959/analytics.js?dt=6419591531399173184001&ac=11362813&si=4792984&pc=379789250&pi=570812056&cr=204234897&dm=300x250&ai=6836545&ui=AMsySZalTn7lBpkpwKAhENbShnW-&cb=864777295&pp=N555803.2382313DOUBLECLICKBIDMAN&md=display
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.213.108.162 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 14:21:24 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 35F0 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 05:46:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
376482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 05:46:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 35F0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:02:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
55145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:02:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5F8E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
67630
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:34:15 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 19:34:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 35F0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:02:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
55145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:02:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 35F0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DFddLSzwc0mlXqebum7ZVbwMWmDGHoW96mLoAt5TdvPnNszbBhrf-r-f21kjDt_lF16CzYTziiUck8uGy1E_xzo5gMnZBFJgchPuvK8kK7lyx3MQY
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 35F0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQLleoY3UNZR_mNaCFSYUuKVAFbza75ZhCxQ4eKNQSh9YsF5nWd44dSLJrvQBF8mEzzRyDrZvupaGwNZM72vIoruMVKA
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 35F0 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 14:21:25 GMT
9871888396786412802
s0.2mdn.net/simgad/ Frame 35F0 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9871888396786412802
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Tue, 07 Jan 2025 10:00:17 GMT
date
Mon, 08 Jan 2024 10:00:17 GMT
x-content-type-options
nosniff
age
361268
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100656
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 05:41:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
redirect
exchange.pubnation.com/usersync/ Frame 4AA8
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pubnation&khaos=LRAQ87BD-D-GIJZ
  • https://exchange.pubnation.com/usersync/redirect?partner=rubicon&partnerId=LRAQ87BD-D-GIJZ
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.pubnation.com/usersync/redirect?partner=rubicon&partnerId=LRAQ87BD-D-GIJZ
Protocol
H2
Server
107.22.100.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-252.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:25 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.pubnation.com/usersync/redirect?partner=rubicon&partnerId=LRAQ87BD-D-GIJZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4D5A 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEYzLvm_AEwAQ&v=APEucNU7zO8fQO8WIDD_r6jnMqXr_P8k_6hK7fun4atxVFGs4RfrriQOv3x5xhFeZlVpLFy5OvtBSHfCHpaaMZpLEl1hSHBk0Q
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 14:21:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame DE74 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
39177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 03:28:28 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame DE74 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:34:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
67627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:34:18 GMT
view
ad.doubleclick.net/pcs/ Frame DE74 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssuoo6cT3q0vUC098vf9jcPikXJr88ZGhY8PUabKM30115PNm-8pLxbc7ExaUzSVL0W2kq_qi-nSPIQbDOIA4fq9_5nNH1G3H3UMn_L-vdAatfxHUitRhJtqAHzM7pT4WKx6iBmXLJRcTE1f25ZzKfm4Ysf-YESXWp7hh3DFR59H_eyT7Y0VZ2KOo504mjKWLGgyQ7IQ1HNvB0VCGEWfjL615WV1140X4SA6eQ_erpEcC-BBJ_EaUHGvNEZ29M3X3PrODq6mL_6-s5YZ_lY_ceV8ans88o6_cdMMTvhZKXerojdA9xYnH0tN6ZYSme5WuVp113O3-QiuwJPvkO8I9HQYozr1QfCoJaU1_IA14bVhAUfqNoSK3vKRojn6Ahqlnd0UPA0gpDYujBVK4VyjsPNTEdgLfTzXGPQYczqIS6v_LyEBIOpTnv-2emiuq3xL138rlUYRYffeEb5k0L07r2h0s5jmV0SkGjKp9e89-iQXuL0Nfh_oSgeRoYUeFz3cB5wBDthNayX_OhzfaiRA6GpJX5t2uBZ12NP3jiAGIY5WJDvDssoJDkjqtE7MtpSFsTVWPGLv2njEHvsLtnuucbrsXFRx7TyvZOLrtsz3DPPLusbZHAFJbDJV4xBbmNxsVA3_r0UCHwTfrvItpu2p2777hTfqhFaIV1DR2h3duOlTc-56TPQqQ9UtYaK9HrJpWvU8Au2gXnUZfzS6YBO8Vqn-YcjNlAoskwhNiV5b6dTCXzIQr8suBdXhrrpI2esc8ZTNZAzPas7d_NmTdFT2qGa47_1VZfaezaQZxatc1MMR-yDwDSQYGjwbAxLUjNah0E8YiOXlHyuc88gZc4eBzudUzuHrNrPMT-Hc_xNCQTE7rgmvlLGR7zX_2oClgPZWU1IvOLqoEciqz_17nRQgbd_KtP7LcpbxCgRDRiN1YaZ4TpDCFiZEYWCiqAq8zGhpegmnYP3bZ6IpP319ECYjI8BLtqN6MCPkGphOdebyrn6dAg3Rg1pduFuCwWzzai2Nyt0yi-a9lZaeW1yxr28fHRII-nk6VYrnvhh1aW0ShP9m1HLraERTewSQI358zB8NPQXMFJegH8_ewnRFS5iE6ym2FOcPy3Iu9GMINVmLOPJMb3Y6hBOf0PrrK0rhIVHIcLhhJ0od8Eesns-xo0D7ofBHpyGGoLaFl7469TikRltnI_JuAC9zy_vaRx0IJskczAC_2N3eNQhEnc-cL4kWRmpTxL6Q1wm42a2JGUKErGcvD_B0IagcEGO6WYVEYNO-5UEt4Et09KeM03PEFaFmMWbzVKkxD28hPb8l_UDMZ-iKJIfV1TLCs94pfhdCFe9bAFY3TLg6nloAmJqtrH6o91V67G74u7YMfjJ2D97pEsoai3ByDSyWvXAq3Ybaa0RPbuT-Xu1xFokiwrDdw&sai=AMfl-YRApRUHaSLyR35zSoxb3n1Uy-eySBXxiNAmK8oiC6m8meq90cCO4ReoqplB0TmXQn448xJCKXRbXYaSsJJj19meMEEq6zI4WFqiv6pOJdi4bLntQc_R5cKxLMkt2piCXJ7XpzkYmRKU8WPRRjfQfZtDr3mR4CwGAHofhzDXqx_QXIJtzPGvLP3_cKlUrfAF3jlfKAYXkau4gAEDzYM2UhiMkn0yg__ZhigvMnUHzoSQyLEYr5NRTwrm9guntaDmacCY1ZXPDRAZLTItFL_zbyRGnsCTB-Soc_79garvzPAs3CuuldXtHh8rVAB2d2aP-LtRiy3fW_anufoZLNOwMbAuKNdqMeTDpvHgX4nBK_IQ1mePd2bHx6u1xjj5nYvNjtqmrTnYN7F6KPxJTnXt3FRIl5ktKQqqRmR4he3F&sig=Cg0ArKJSzJkaB0KcbqtHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9oaXNjb3guY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240109.54853&arae=0&ftch=1&adurl=
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.149 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 14:21:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
analytics.js
s.cdnsynd.com/2/641959/ Frame DE74 		0
64 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cdnsynd.com/2/641959/analytics.js?dt=6419591531399173184001&ac=11362813&si=4792984&pc=380253307&pi=570966381&cr=203779856&dm=300x250&ai=6836545&ui=AMsySZalTn7lBpkpwKAhENbShnW-&cb=2296158588&pp=N555803.2382313DOUBLECLICKBIDMAN&md=display
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.213.108.162 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 14:21:24 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame DE74 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 05:46:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
376482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 05:46:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame DE74 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:02:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
55145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:02:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CF9F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
67630
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:34:15 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 19:34:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame DE74 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:02:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
55145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:02:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DE74 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DtX_gDl6g0eyBEk8rY_gBWWtQEFqSSkGkzL3JGj_8SRwCfZwRFkPOPoQWtL-l2aDOoDbSbd_pyJkVj_SFT2jL42Euh-9hfyfPs0FrGBFMG49Y63Bo
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame DE74 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmKcshNr7i0gTDYu9IAjmKK5JuImZS2L0CtycNG43rBQ-dlJUqVUQfbpknk7IufvBiEap0dzxKEKG_3yH19kNGRxrseg
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DE74 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 14:21:25 GMT
4134837525995264382
s0.2mdn.net/simgad/ Frame DE74 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4134837525995264382
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Tue, 07 Jan 2025 10:01:36 GMT
date
Mon, 08 Jan 2024 10:01:36 GMT
x-content-type-options
nosniff
age
361189
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94042
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 05:41:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
async_usersync
ib.adnxs.com/ Frame 56B2 		0
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
an-x-request-uuid
f692d7d3-74e4-4dba-8e76-97337dfc20e1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.69; 38.132.118.69; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 5912 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
968e5eba51f1ee800cbd6720efe0cf8a0503f7abc30fe090ccf60c3a8f1c963c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame E6D3 		482 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEYzLvm_AEwAQ&v=APEucNVxWOqLViteml560Q34hS4y4BI8k-4tYJo6-yDwoHAV49Jhk1aIZ59mVjq9z34YqCA8CvugHdpWxNc3iFxq5qV_DuwrNQ
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 14:21:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4134837525995264382
s0.2mdn.net/simgad/ Frame C0AA 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4134837525995264382
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Tue, 07 Jan 2025 10:01:36 GMT
date
Mon, 08 Jan 2024 10:01:36 GMT
x-content-type-options
nosniff
age
361189
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94042
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 05:41:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame C0AA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
39177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 03:28:28 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame C0AA 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:34:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
67627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:34:18 GMT
view
ad.doubleclick.net/pcs/ Frame C0AA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssarv-HIOaNUzfnGM5oHlugWRsvR__f3S7MUngt3zjR8_OpkewAWjMW7jMAltxdIYJHTs3EZOuJ6CYKn0ir_DJ47Se9BedSTu1XzEbuL9K-E1WMCIOcAjRm7IkIGvPk7f7wC_wzt1duIxVzF0RZvcVBCEdJNHFI-W_5bt3DxGfEO2SC-TIAQwCVN5CClKpq6-hjhed7fG-G2mDIFj7PFDbshG1hP7asxh6m24sf110emHOlaQMKCw4F3jXt1Un7ylIUNxFf1A5r53iSPADorKflymvOj2yBmhOo-1JQr5WhG5Lf0Rh-LGrpZAcIzWrMTB_mD96y-zbGTYQoG8K1U6soSKkD_e2GNgOC-I_vntDKK71Q6XDOi-TpYf00ayLCIY97VyGmjTT6h6jKoDIt1m2EaemZsT3k1foViSX2_fvSNdfC0DWd1TMhtrevSohFZnBtSudQTDznlcv-Bbnp8Y7g4zI3U0S8P-rXLkk0shuvOBHCVFfFszHCnruP1Q9n9IjQtyTnpQCv9ejVosHzB0rvCSvRo-MW-CC8X0Q9F9_tiQuvgSZSZpLuJ7ExkAbhkY433zkH01jx4O-e3UhvA2LsIUJzPLxzR_ND9nYVyI5X0heO2IFsAk_nwHT7ZYJGQUz4Qgf7WkVgT_NWgqBV0DDNJ-ww0K-a5M81MpuW7S-KTPlzBqH5Cl90AzlJLKJlSjZzdsMvbqY0Xhp1t4Z2H4NcxjjnjaXQCY3oimXBZI8bT3Ni0UuyQ77lhWL9Y9WR9Xw9X3mMzWM-r00umNXGC-aPHsQS4tgLhiqL_vG_pJz2PHUD5sUtsgiUcphVY0CrcPVmwSXXTOqH9kOXhbADQGawTEBYTINoMX1WJCfF8Fo3wDiWYc4SEqQeqsOz6v0mj774jjQY_VXZmJSnweTZ3SkwJKWL2r6Ypda_HcNujx-poKlh-smDv8Xz77_HBT6B_l9gKmo-PyYqae5Jx5588xnxjlciELixHrTiEbxE3JIA_H0YRLr0nQ6W086OnVabjcxWaLpDGk7Gqi70X_CWylxbJwyQZceqZTqx2fKwYaUGXzlOGofJ5kXHY07Ye5zwglSNX6dA-Vm6vWD_1hgX9dJH4uA-znGhXK1Gv5DnQ2PcbgejysdpA2ccWAt1lzGh33ni_JxAJHcJwwESUzLIyRjKySka2ZB03G4inx-HSpXpBkSlQzBkKwet4XS9rIWcYMJ6cynKiibEXxlWbRLVmcYLQ9XNv9zcW5_aMdfzjBIZ4MyoZEdOyFZ3u2KDqS_owu2VaS7vNkBUdbjoCm_OulfR1TJ1Jg6PtANUdflCyCmxZMtVRAqZ5c5V-F7XlcE-vSIt5TNETvJ1EJuMD1oHrVbeck1ClATzTMt2Z1Jlxm70scRgiRDFGtPQ7tnF57AlnAiatXXp7yJiQKaXOg&sai=AMfl-YSQpurjXEWo44bmOPbwaFOB_LYluXvVkZvXd0Rq1YswtjKpyHWDKbKU5FzlYMS7IASrkGoFDvCFy0IQSVLnxRLw_obFaZ_fYJrxhdtEXkDjbmivQr1TxPMyb9p8IT6OukjgIXBsJX4VFq4tzRICMy8-6aPVGzGQBS7Rr6uPu3sibYMCUq2xQ2RRBTz1xwc7lvsV8aPLiG9vgMvh4m9EU8amWo1zSgHtvunw9iMP9751BY65QZlnrG5v1DcofzK8cUa-XMZSKgUDXXiSh9nakJ5pDzQ8LHqIKPftSqRIw6ZLNlbnuPhkcqy3RXZYCGc5id308bRtXylCu5q9_SlUloSsL7jsnDBvthENnXP7TaQyXrXdTY-VKsMsKSb6EkA_b9jGu8OHL3kDcAdqrD-CHBPOooVdxNv2MhYH2r_v&sig=Cg0ArKJSzIiC7xOwuis-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9oaXNjb3guY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240109.18759&arae=0&ftch=1&adurl=
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.149 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 14:21:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
analytics.js
s.cdnsynd.com/2/641959/ Frame C0AA 		0
64 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cdnsynd.com/2/641959/analytics.js?dt=6419591531399173184001&ac=11362813&si=4792984&pc=380253307&pi=570966381&cr=203779856&dm=300x250&ai=6836545&ui=AMsySZalTn7lBpkpwKAhENbShnW-&cb=970360417&pp=N555803.2382313DOUBLECLICKBIDMAN&md=display
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.213.108.162 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 14:21:24 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C0AA 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 05:46:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
376482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 05:46:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame C0AA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:02:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
55145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:02:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 39E1 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
67630
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:34:15 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 19:34:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame C0AA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:02:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
55145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 23:02:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C0AA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AwjwDvcMK0XpW0VutYHRBP219ShSjMAxk3K-YxG_upCzdF7bbxmch81908E0zcfkGqDfI46E74qZb0FfNom-5SyrcVmhful4Z8mHliBMtzE5wn-Cs
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame C0AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCw-rGJONhQM1IncYQJ4fxm0c-W-j3Kj0JDFl6Pcofw_sNaohgR3FPL5WVn-ZB0zbmHffrsCOvsICUl0SCqHx8YTlUfA
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C0AA 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 14:21:25 GMT
usersync
usersync.gumgum.com/ Frame 3729
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LRAQ87BD-D-GIJZ
  • https://usersync.gumgum.com/usersync?b=mag&i=LRAQ87BD-D-GIJZ
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LRAQ87BD-D-GIJZ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
52.207.45.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LRAQ87BD-D-GIJZ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F3F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401100101&jk=1043877398072632&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 4AA8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=70451e3f-8576-44e3-b479-ae4858a3ebcb&gdpr=0&gdpr_consent=&expires=30
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=70451e3f-8576-44e3-b479-ae4858a3ebcb&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f69a50991384d09413b97a37bb74928b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=70451e3f-8576-44e3-b479-ae4858a3ebcb&gdpr=0&gdpr_consent=&expires=30
date
Fri, 12 Jan 2024 14:21:25 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame 4AA8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJBUTg3QkQtRC1HSUpa
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELp49RaID0JtYN8kTBOTiG8&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJBUTg3QkQtRC1HSUpa&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJBUTg3QkQtRC1HSUpa&google_push=
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJBUTg3QkQtRC1HSUpa&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b08c627b67f10e75995ce6908d3f9f7b
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 4AA8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOImiKa2zlQiadZlTckqkW4&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOImiKa2zlQiadZlTckqkW4&google_cver=1
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
eea754ae2ea80a3b4eb2fcf35349058a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOImiKa2zlQiadZlTckqkW4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 4AA8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRAQ87BD-D-GIJZ
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRAQ87BD-D-GIJZ
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:25 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: AE7F62B3E00642E381D52F571FCFF3CB Ref B: MIAEDGE1813 Ref C: 2024-01-12T14:21:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOwGEYlvV1xZ4WkbIqQg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRAQ87BD-D-GIJZ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e07703167439847c6c49a939083c0fd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 4AA8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uxkPgPtFRFiHwpo2QElfVQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uxkPgPtFRFiHwpo2QElfVQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uxkPgPtFRFiHwpo2QElfVQ
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ST01MM72X1YD42JZ4FAG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uxkPgPtFRFiHwpo2QElfVQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4AA8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/zhc0INTDbBUrS0-dkCGEYg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-5wa_FCtE2oKDixlfHiGSsTKYeRgXywrFwJjibw--~A
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-5wa_FCtE2oKDixlfHiGSsTKYeRgXywrFwJjibw--~A
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 12 Jan 2024 14:21:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-5wa_FCtE2oKDixlfHiGSsTKYeRgXywrFwJjibw--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 4AA8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LRAQ87BD-D-GIJZ&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRAQ87BD-D-GIJZ&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SSTHYQKCBW2DFKPTQN0Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRAQ87BD-D-GIJZ&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4AA8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjE3MzdiZGQzY2YzODEzNmQ4OTk4NDI4MWE4MDM0MTA5NDg4MTQxNg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjE3MzdiZGQzY2YzODEzNmQ4OTk4NDI4MWE4MDM0MTA5NDg4MTQxNg
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjE3MzdiZGQzY2YzODEzNmQ4OTk4NDI4MWE4MDM0MTA5NDg4MTQxNg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4AA8 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4GNZ43SPFTZS74TG40NC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4AA8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADiEE7LQpYAABWw-wqvvQ&expires=30
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADiEE7LQpYAABWw-wqvvQ&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5e07703167439847c6c49a939083c0fd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADiEE7LQpYAABWw-wqvvQ&expires=30
Date
Fri, 12 Jan 2024 14:21:25 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 4AA8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRAQ87BD-D-GIJZ
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRAQ87BD-D-GIJZ
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRAQ87BD-D-GIJZ&ckls=true&ci=tY1WczNcmm&nc=false&trid=332135043
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRAQ87BD-D-GIJZ&ckls=true&ci=tY1WczNcmm&nc=false&trid=332135043
Protocol
H2
Server
108.156.120.36 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
via
1.1 f0bb23e68ac502922258d4a97191931c.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P3
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
EOTQv3WL__twUIx2-RewyQUQM5DbMU_B-dv9hhaAMdnbCceIcnrrsQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
via
1.1 6afb35b1de1354059a7fd10e3034a310.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P3
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRAQ87BD-D-GIJZ&ckls=true&ci=tY1WczNcmm&nc=false&trid=332135043
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
RD7r79u2omY2KQr-MHB6ggo-AVY-7FBh751W-0iUQFvGYtddCYHrRA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
capi.connatix.com/us/ Frame 4AA8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LRAQ87BD-D-GIJZ&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LRAQ87BD-D-GIJZ&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LRAQ87BD-D-GIJZ&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Protocol
H2
Server
104.18.41.104 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84460bbecb25226f-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 12 Jan 2024 14:21:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LRAQ87BD-D-GIJZ&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84460bbe2a77226f-MIA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
cksync
hb.yahoo.net/ Frame 4AA8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRAQ87BD-D-GIJZ&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRAQ87BD-D-GIJZ&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1EdFlEVFZ4RTJ1RkdLbkZxanFYb1BZX28yUk9rb3N3S35B&ovsid=LRAQ87BD-D-GIJZ&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1EdFlEVFZ4RTJ1RkdLbkZxanFYb1BZX28yUk9rb3N3S35B&ovsid=LRAQ87BD-D-GIJZ&dpid=58160
Protocol
H2
Server
23.40.62.72 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 12 Jan 2024 14:21:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Fri, 12 Jan 2024 14:21:26 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1EdFlEVFZ4RTJ1RkdLbkZxanFYb1BZX28yUk9rb3N3S35B&ovsid=LRAQ87BD-D-GIJZ&dpid=58160
date
Fri, 12 Jan 2024 14:21:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame 4AA8
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6f1ebc94-d3d1-488e-b28a-77cdc832b37d&expires=30
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6f1ebc94-d3d1-488e-b28a-77cdc832b37d&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b08c627b67f10e75995ce6908d3f9f7b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=6f1ebc94-d3d1-488e-b28a-77cdc832b37d&expires=30
Date
Fri, 12 Jan 2024 14:21:25 GMT
Connection
keep-alive
X-CI-RTID
06d3d804-54d2-4b2c-bfc1-5472fd1c2a3c
Content-Length
144
Content-Type
text/html; charset=utf-8
receive
pixel.tapad.com/idsync/ex/ Frame 4AA8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRAQ87BD-D-GIJZ
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRAQ87BD-D-GIJZ
Protocol
H3
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
Jetty(11.0.13) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:26 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRAQ87BD-D-GIJZ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame 4AA8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LRAQ87BD-D-GIJZ
  • https://ce.lijit.com/merge?pid=80&3pid=LRAQ87BD-D-GIJZ&dnr=1
43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LRAQ87BD-D-GIJZ&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:26 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 14:21:26 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LRAQ87BD-D-GIJZ&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 99E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEY05y7_AEwAQ&v=APEucNXC7w7IpMZJMe3sgTT92TqLgjrPmAuaEZfJ3tSRSTQ2rQHakTH-NAo3DoUZot4JFX1GgFR4lP0dGy6nBEctXOMY6X5PRg
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWwyYRFZJlpDotBW0BuFsV%2FEz6%2BZAl5ofgxPyjzFBAPbcKM%2FWzrqw0qYBTSZLns2ZfmaD6J01X7%2BwfBTtCgLMSOCjosGKiGZyjfW1%2BXVkTsvwmnKEZ%2FuVk2V7veHXklpleRAd%2FE9KVyS6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84460bbc4fd99aba-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 99E3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaFK5Nv31rY90DfpRZT2bAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEY05y7_AEwAQ&v=APEucNXC7w7IpMZJMe3sgTT92TqLgjrPmAuaEZfJ3tSRSTQ2rQHakTH-NAo3DoUZot4JFX1GgFR4lP0dGy6nBEctXOMY6X5PRg
Protocol
H3
Server
104.18.36.155 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jy8lFNX6vQvhDBUBQw0ATv7q4C4hVr68D%2FjmY2IK8%2FKFBjWCRInpoXMz52XK1IOhNxpDjLs3uVIRBeyB1d8WVukYu2g9PifRb41sBB6wMvOv0h6BEdTa76YHLlyzD2w2WMJUdlE2Qh9YZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84460bbcf8aa9aba-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPOY-bAer2G-L6937RUVOR4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 99E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEInb13h8OkGXpalclHmGkQA&google_cver=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEInb13h8OkGXpalclHmGkQA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEY05y7_AEwAQ&v=APEucNXC7w7IpMZJMe3sgTT92TqLgjrPmAuaEZfJ3tSRSTQ2rQHakTH-NAo3DoUZot4JFX1GgFR4lP0dGy6nBEctXOMY6X5PRg
Protocol
H2
Server
68.67.160.114 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
an-x-request-uuid
7195473b-c35f-467e-be93-439e887a73b5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.69; 38.132.118.69; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEInb13h8OkGXpalclHmGkQA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 99E3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1NjgwMzg0NjQ2ODQzNjc3OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1NjgwMzg0NjQ2ODQzNjc3OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEY05y7_AEwAQ&v=APEucNXC7w7IpMZJMe3sgTT92TqLgjrPmAuaEZfJ3tSRSTQ2rQHakTH-NAo3DoUZot4JFX1GgFR4lP0dGy6nBEctXOMY6X5PRg
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
an-x-request-uuid
40543aaf-4bce-42df-8e40-a66e4823312d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1NjgwMzg0NjQ2ODQzNjc3OQ%3D%3D
x-proxy-origin
38.132.118.69; 38.132.118.69; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4D5A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECApZuaNuuODH-yktyUUfD8&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECApZuaNuuODH-yktyUUfD8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEYzLvm_AEwAQ&v=APEucNU7zO8fQO8WIDD_r6jnMqXr_P8k_6hK7fun4atxVFGs4RfrriQOv3x5xhFeZlVpLFy5OvtBSHfCHpaaMZpLEl1hSHBk0Q
Protocol
H3
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECApZuaNuuODH-yktyUUfD8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4D5A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzM5NjhkM2QtN2YyMi02M2I0LTUxMGYtMmM0MmMxODk4ZjY1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzM5NjhkM2QtN2YyMi02M2I0LTUxMGYtMmM0MmMxODk4ZjY1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEYzLvm_AEwAQ&v=APEucNU7zO8fQO8WIDD_r6jnMqXr_P8k_6hK7fun4atxVFGs4RfrriQOv3x5xhFeZlVpLFy5OvtBSHfCHpaaMZpLEl1hSHBk0Q
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 14:21:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzM5NjhkM2QtN2YyMi02M2I0LTUxMGYtMmM0MmMxODk4ZjY1
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame 4D5A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEK19xEm97SJ3sktfeGfOyGI&google_cver=1
23 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEK19xEm97SJ3sktfeGfOyGI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEYzLvm_AEwAQ&v=APEucNU7zO8fQO8WIDD_r6jnMqXr_P8k_6hK7fun4atxVFGs4RfrriQOv3x5xhFeZlVpLFy5OvtBSHfCHpaaMZpLEl1hSHBk0Q
Protocol
H2
Server
23.62.165.62 -, , ASN (),
Reverse DNS
Software
pekko-http/1.0.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 12 Jan 2024 14:21:26 GMT
pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEK19xEm97SJ3sktfeGfOyGI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4D5A
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzIwYzg5MGUtZTZmYS00ODcyLTg1NTktNzQyMzAzOTlkZjZk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzIwYzg5MGUtZTZmYS00ODcyLTg1NTktNzQyMzAzOTlkZjZk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEYzLvm_AEwAQ&v=APEucNU7zO8fQO8WIDD_r6jnMqXr_P8k_6hK7fun4atxVFGs4RfrriQOv3x5xhFeZlVpLFy5OvtBSHfCHpaaMZpLEl1hSHBk0Q
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzIwYzg5MGUtZTZmYS00ODcyLTg1NTktNzQyMzAzOTlkZjZk
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Fri, 12 Jan 2024 14:21:26 GMT
sync
partners.tremorhub.com/ Frame E6D3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEOJ1gUwunfqJaiBqt5TuVgs&google_cver=1
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEOJ1gUwunfqJaiBqt5TuVgs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKChoQIQyNKa_wEYzLvm_AEwAQ&v=APEucNVxWOqLViteml560Q34hS4y4BI8k-4tYJo6-yDwoHAV49Jhk1aIZ59mVjq9z34YqCA8CvugHdpWxNc3iFxq5qV_DuwrNQ
Protocol
H2
Server
2600:1f18:612b:4280:4704:4c85:9700:4b40 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 12 Jan 2024 14:21:26 GMT
server
nginx
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://partners.tremorhub.com/sync?UIGL=CAESEOJ1gUwunfqJaiBqt5TuVgs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame E6D3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDXyg-IObSys2J9q9Fsm_uk&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame E6D3 		0
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1076 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
110068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 07:46:58 GMT
expires
Fri, 10 Jan 2025 07:46:58 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1D38 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
110068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 07:46:58 GMT
expires
Fri, 10 Jan 2025 07:46:58 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 35F0 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 5F8E
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIJ9_k0_bRCTPTaUXNDnCQ0&google_cver=1&google_push=AXcoOmT0bCSGh4YtJzw7n4zx5KhN28MGSojTFlrnK-xpDw2c-U5pTKbKEzZ320ET_scZ2Q1GXB6Zt...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT0bCSGh4YtJzw7n4zx5KhN28MGSojTFlrnK-xpDw2c-U5pTKbKEzZ320ET_scZ2Q1GXB6Zt9Bq2MDy4UWc5PfWI11j29oI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT0bCSGh4YtJzw7n4zx5KhN28MGSojTFlrnK-xpDw2c-U5pTKbKEzZ320ET_scZ2Q1GXB6Zt9Bq2MDy4UWc5PfWI11j29oI
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 14:21:25 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: CC647691AFDC4E0CB2F7A419C1511F9B Ref B: MIAEDGE1813 Ref C: 2024-01-12T14:21:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT0bCSGh4YtJzw7n4zx5KhN28MGSojTFlrnK-xpDw2c-U5pTKbKEzZ320ET_scZ2Q1GXB6Zt9Bq2MDy4UWc5PfWI11j29oI
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOwGEbR4iCYvcxE8FImg==
pixel
cm.g.doubleclick.net/ Frame 5F8E
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEOFgL3QhTpO3yia6Psd2swM&google_cver=1&google_push=AXcoOmSlF6XDOHZQlFE6KIRNxTjwwExfyLU07LjVxiWPq_gDmnE0M9J5alrZFDf3OFJiKKjI1VQP7Laxfz7w9Kp-EoR1xfy63Cg2iQ
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Y3lHVkFHc0hCdm1EWW4xbjVrcWhaUQ%3D%3D&google_push=AXcoOmSlF6XDOHZQlFE6KIRNxTjwwExfyLU07LjVxiWPq_gDmnE0M9J5alrZFDf3OFJiKKjI1VQP7Laxfz7w9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Y3lHVkFHc0hCdm1EWW4xbjVrcWhaUQ%3D%3D&google_push=AXcoOmSlF6XDOHZQlFE6KIRNxTjwwExfyLU07LjVxiWPq_gDmnE0M9J5alrZFDf3OFJiKKjI1VQP7Laxfz7w9Kp-EoR1xfy63Cg2iQ
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 14:21:26 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Y3lHVkFHc0hCdm1EWW4xbjVrcWhaUQ%3D%3D&google_push=AXcoOmSlF6XDOHZQlFE6KIRNxTjwwExfyLU07LjVxiWPq_gDmnE0M9J5alrZFDf3OFJiKKjI1VQP7Laxfz7w9Kp-EoR1xfy63Cg2iQ
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
245
pixel
cm.g.doubleclick.net/ Frame 5F8E
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMGe-aGep6VUXrgeMuSFemg&google_cver=1&google_push=AXcoOmQAQZIhrn4AzbDOThYCEdN2ZHdHN_Jzrh985JZVWRnn1OKApcWoFmsBNool74SLFSeJvMKDaKr12hi_l11A54uQrbMUbxHTkw
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQAQZIhrn4AzbDOThYCEdN2ZHdHN_Jzrh985JZVWRnn1OKApcWoFmsBNool74SLFSeJvMKDaKr12hi_l11A54uQrbMUbxHTkw&google_hm=wK_Uyx_ThD6imzpM2HJ7vw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQAQZIhrn4AzbDOThYCEdN2ZHdHN_Jzrh985JZVWRnn1OKApcWoFmsBNool74SLFSeJvMKDaKr12hi_l11A54uQrbMUbxHTkw&google_hm=wK_Uyx_ThD6imzpM2HJ7vw==
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQAQZIhrn4AzbDOThYCEdN2ZHdHN_Jzrh985JZVWRnn1OKApcWoFmsBNool74SLFSeJvMKDaKr12hi_l11A54uQrbMUbxHTkw&google_hm=wK_Uyx_ThD6imzpM2HJ7vw==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
pixel
cm.g.doubleclick.net/ Frame 5F8E
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEPZjObhQ_f4yMg4Cbq6xJiM&google_cver=1&google_push=AXcoOmSeGcnn_mUwgyuXVosOWaBXErOemhAA-24Z6TuQveMwPcJ9jH_yaq54szxjGnj_wOzvHlonpwMus5Jh4MHEsq...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTU3NzM5NjIwMTQ1NjIwMjIyMzI&google_push=AXcoOmSeGcnn_mUwgyuXVosOWaBXErOemhAA-24Z6TuQveMwPcJ9jH_yaq54szxjGnj_wOzvHlonpwMus5Jh4MHEsqw0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTU3NzM5NjIwMTQ1NjIwMjIyMzI&google_push=AXcoOmSeGcnn_mUwgyuXVosOWaBXErOemhAA-24Z6TuQveMwPcJ9jH_yaq54szxjGnj_wOzvHlonpwMus5Jh4MHEsqw0mocXyFFDSA
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTU3NzM5NjIwMTQ1NjIwMjIyMzI&google_push=AXcoOmSeGcnn_mUwgyuXVosOWaBXErOemhAA-24Z6TuQveMwPcJ9jH_yaq54szxjGnj_wOzvHlonpwMus5Jh4MHEsqw0mocXyFFDSA
Date
Fri, 12 Jan 2024 14:21:26 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 5F8E
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECxlTnVclhPGvjQUiAV58OM&google_cver=1&google_push=AXcoOmRIhgLbSaJP9kgG1u86xJ1_mvlvSW_fDF_sjqNMmTE33_GYQNRePR0wlxdLkxWLPsVEg-Aq4lCIJX8hBtTuc...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECxlTnVclhPGvjQUiAV58OM&google_cver=1&google_push=AXcoOmRIhgLbSaJP9kgG1u86xJ1_mvlvSW_fDF_sjqNMmTE33_GYQNRePR0wlxdLkxWLPsVEg-Aq4lCIJX8hBtTuc...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRIhgLbSaJP9kgG1u86xJ1_mvlvSW_fDF_sjqNMmTE33_GYQNRePR0wlxdLkxWLPsVEg-Aq4lCIJX8hBtTucLlQK0e0GQI46w&google_hm=H-rdhGZHkZV6eukwSxOZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRIhgLbSaJP9kgG1u86xJ1_mvlvSW_fDF_sjqNMmTE33_GYQNRePR0wlxdLkxWLPsVEg-Aq4lCIJX8hBtTucLlQK0e0GQI46w&google_hm=H-rdhGZHkZV6eukwSxOZiFPV
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 12 Jan 2024 14:21:26 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRIhgLbSaJP9kgG1u86xJ1_mvlvSW_fDF_sjqNMmTE33_GYQNRePR0wlxdLkxWLPsVEg-Aq4lCIJX8hBtTucLlQK0e0GQI46w&google_hm=H-rdhGZHkZV6eukwSxOZiFPV
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 5F8E
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOd0xN4swtJZ5hcVTfVcdf4&google_cver=1&google_push=AXcoOmScughw7KDyAi5fJizicfHfMwG5MsfOxZONoFxfqGa7N56AnU0DcrJ4fpIVwyV2zR5Lehs4zZNz-8GTOoc2...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=0e8f6c97a7&gdpr=0&gdpr_consent=
43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=0e8f6c97a7&gdpr=0&gdpr_consent=
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
23.83.76.58 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 12 Jan 2024 14:21:26 GMT
via
1.1 61693b057e018abc75ef1a640f01cf38.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ORD53-C2
x-cache
Miss from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=0e8f6c97a7&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
UnDiw38WfDHjytZz3UZ7XtFWJSC0aHLiPj7LSYW7JkAkDL5Tv4fiUw==
pixel
cm.g.doubleclick.net/ Frame 5F8E
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESED8NyMEHTzvXYtQw2TcALzI&google_cver=1&google_push=AXcoOmQEwbH_okgZyiEi0DwVEVoMkZHT3CEDxfHpeiRm9dG6pttsJ5tbv8OnAdVx8yEN55HvR-E1ZoJ0IdhWa0KVTfQmKVV3kJqQhn8
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQEwbH_okgZyiEi0DwVEVoMkZHT3CEDxfHpeiRm9dG6...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-c5c8qjEYcNAzsZ1WCtWLCYV1aqQyrcC9CgKP0aeq1A&google_push=AXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDYZ5xKRAaupjBP-dthba5SSvcWREbIIJF34Edj0dJ7m2G8...
  • https://cm.g.doubleclick.net/pixel?google_hm=NVduaRzUeHN0hr0s1SBz&google_push=AXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDYZ5xKRAaupjBP-dthba5SSvcWREbIIJF34Edj0dJ7m2G8Wsk5KdY2fQ&google_nid=inmob...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=NVduaRzUeHN0hr0s1SBz&google_push=AXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDYZ5xKRAaupjBP-dthba5SSvcWREbIIJF34Edj0dJ7m2G8Wsk5KdY2fQ&google_nid=inmobi_new_eb
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 14:21:26 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=NVduaRzUeHN0hr0s1SBz&google_push=AXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDYZ5xKRAaupjBP-dthba5SSvcWREbIIJF34Edj0dJ7m2G8Wsk5KdY2fQ&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
227
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 5F8E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JnbNhCgygOfLoPpsWyVvyw5tT_BR85LuOPtH8zqFuJhhj-mE1bIAguLUeJLNplVQR8cC6B3A
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
ad.doubleclick.net/pcs/ Frame 35F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssLzDKofUWsOP7dGOoJAM3vAuNerts0PTd6VCp3FLFmvLKNrXWn-srBFg8n4AvBtctJd_V5PeQhGMHq_1GNhQch4K63HgAya9cuTz00QVpm3MPB3mzA8vo_EdiirWpBvZjceSPd42xU1nMfehGOdn0POwRnBMzuMMwJoglTwLnJFIDM-B2ILRczVIGCLR-D9n5LlEn3qf59eZxzbd8ZcOb4VOXP2kh169VIFD2zZ03j_8G3RjwzpnIXgwEZzyUBhP1c-29e5zmuBP3M3KWC48ftz8sLV8D9lzwX05yzhuCyBq-ouUMdADXBCs3A5YXqd3beY_WD1B8LrOC-Ynb6nA-_MHnOv7TrLPbTiN7-NNJdE8ggY0RUTegC31nKTW_rbmJlgt0-k32p4nFsVQfgYn7IVzmb_prrY90B0Utnx67ZfJ7SSRklD1YYJriLZfFPZdkKxv_BGX8FeriK2RwWaMpM5dvV7_5EoCs3Nl2vOs9IMBolWEakySXMBSfOsBFiWRig4ISB2834KEB76PFytFf4rSJu3PZdi0aV9tYnrgQqrr9xcji6bcyCS12z2BI6nHRxc1oFTV2eDFA2RtCmqbTsUD5UnNHslMnBNVwPXiVq5QzPgYECFDetEs9Q8Urz9Hu6-rAIDekZOqthpZmeDoTCXS8O-d7Ux07So7d1m_pAtZPl54VBPkffsXu7Z3R3kKFwGNrsje9eux9ifqHDIHRkxZ04BfIdpegXj9zcr1xNWF1Kmy1RJtsaMrurmSm3swbYkPRQ3kNduCNzJNujEUKmWTQc2A3LyPQEjy59nMvZs_c-OFNWqmpHCLej6tFcIA9Kw4uBc_30eXYUQ8t0qA3rYCAfUzbAgAs3yDH9wIJ86gvOZt0ozsYCyvVGyed6o0xVPyqQnzNv4x1g5sZeyQ6EcC3smNIZSarNj68xj3s23v_nIVbP2sKuC20qsDiggjnviRpUDac5jL3oV94KaJmV0KknmzGD9sq_htFpSY1JmR8oGLMit2Enb9oeDVbm3wMWYcn-Anq0PET8hXtJY3b1ciZx1VmM3uy0EXUmTKcbtMGXc5mHh_cBgtkuDQmLLOFTCtqcWsH_gZFbCQ8P50rFE_7g7FzXDc_VfWO6tsOOb0aXDvar8lIzz6B0dCYWcEeUx0IYFTDjmzjcF9wfSi-SBUVkzJRBXOIUmNBAegU7cK1qbGqucTtdYi2vcu7zyQriTkCVxJNFsq0oo1jsbtyQuYGgTtAHeAoUPxkgzXoW5j3om7PmvSyJP1VSNv7nMXAAFvSV_x7Fox0jy9S7J1P2L2C1S2r4YRMQuBHvhCOE87K4E2Aw_kBlXZF02fA2bIgWJd_aZdSz7zHllXzCuRI3MYlYuvJRI6sXlSE9p9SvmZUDvg94DJXSxUHRK9BWMyJHVgRhMI_1Jw&sai=AMfl-YTvIlPou0b1vQ6leQZi1sArspqrTgxns9kOibEYEqrofTmLczI1mgEkcVnb8Ajw3CsIh5xJSRt66WA0ApSFT-ChEtJeQF9hbidOQmVAFieQ1RQ4jUzD18pCJewdRvZMCBzp03Xg5y7LHfY0EMb1378DeDGFCgsSm8pjpqMWf_x_WCxEHUF4EzsXehGh5lFevzuGuGH16j3E13DDF1yy-8fx8EYuzTPctLGbOUUezt622wq_PHVjjiee9X0Y2-MVpUSVADn9vXP0xa5D8pgKRpAWuytfid3_rzTfSAciQDSD7Q08ge0FOaAjESWZiyqhhJbq8paSxLgGw4G1sLvQUAVIpfZV-oyAjoda3wXzok0Ws7s9JNew0dkfjDlXq1Wk84STqnuIHKsc2zhZfiTZtxViJX-7fY1yWyj67gQ5&sig=Cg0ArKJSzF5DbsByIBcrEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9oaXNjb3guY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=550&vt=11&dtpt=548&dett=2&cstd=0&cisv=r20240109.36469&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.149 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 8693 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
110068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 07:46:58 GMT
expires
Fri, 10 Jan 2025 07:46:58 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DE74 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame CF9F 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENxhQ0HZW5TIolwBxDTHFyU&google_cver=1&google_push=AXcoOmSMtTNtwha5s3Mbf-QpjNmv3TqjRXVv6bbPmq7nBscUCr4rDkkrVC6ZvpOkG2FiJ9NH0SvK5eJRudtQhODkIBMVis51_ziBLQ
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CF9F
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESECCAKLXkGzO09BDacRT_s20&google_cver=1&google_push=AXcoOmSaRUk-3K41z9Q3-76IIInkW6M8TuNCOz1o-6mxeDoNiMGIcYsoMvZDVm0gNWVAW-rb_KXtTOfhtqNTnHXbXK05k6gaE6rJ
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSaRUk-3K41z9Q3-76IIInkW6M8TuNCOz1o-6mxeDoNiMGIcYsoMvZDVm0gNWVAW-rb_KXtTOfhtqNTnHXbXK05k6gaE6rJ&google_hm=UjMzNjQ3XzEwRjJE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSaRUk-3K41z9Q3-76IIInkW6M8TuNCOz1o-6mxeDoNiMGIcYsoMvZDVm0gNWVAW-rb_KXtTOfhtqNTnHXbXK05k6gaE6rJ&google_hm=UjMzNjQ3XzEwRjJEMzI1OV8yNjc2NjAyNw%3D%3D
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmSaRUk-3K41z9Q3-76IIInkW6M8TuNCOz1o-6mxeDoNiMGIcYsoMvZDVm0gNWVAW-rb_KXtTOfhtqNTnHXbXK05k6gaE6rJ&google_hm=UjMzNjQ3XzEwRjJEMzI1OV8yNjc2NjAyNw%3D%3D
Date
Fri, 12 Jan 2024 14:21:26 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-388074086; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
346
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame CF9F
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEKqbZF9VO7mvE7q6xS4YU4A&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZjA4NjA0YTgtMzQ1Zi00NzMyLTlmOTctNjliMTEzYzNlMzU2&google_gid=CAESEKqbZF9VO7mvE7q6xS4YU4A&google_cver=1&google_push=AXcoOmR6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZjA4NjA0YTgtMzQ1Zi00NzMyLTlmOTctNjliMTEzYzNlMzU2&google_gid=CAESEKqbZF9VO7mvE7q6xS4YU4A&google_cver=1&google_push=AXcoOmR61M2_SLhHOpIYw3yzYNBNBKMCG5-m2bqdXyZ3oJNQeKKiz0nURc0qBo2ghcxl4g-RxW2YHAX54pnvNo9xIgtr8OV0nC1e
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZjA4NjA0YTgtMzQ1Zi00NzMyLTlmOTctNjliMTEzYzNlMzU2&google_gid=CAESEKqbZF9VO7mvE7q6xS4YU4A&google_cver=1&google_push=AXcoOmR61M2_SLhHOpIYw3yzYNBNBKMCG5-m2bqdXyZ3oJNQeKKiz0nURc0qBo2ghcxl4g-RxW2YHAX54pnvNo9xIgtr8OV0nC1e
date
Fri, 12 Jan 2024 14:21:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CF9F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIaBXVgrPG-OEJZJcb5UR20&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIaBXVgrPG-OEJZJcb5UR20&google_hm=ZaFK5Nv31rY90DfpRZT2bAAAFcEAAAAB&google_nid=index&google_push=AXcoOmTbV8psO3vEkTxKsyBsUlevtLjLkRBrZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIaBXVgrPG-OEJZJcb5UR20&google_hm=ZaFK5Nv31rY90DfpRZT2bAAAFcEAAAAB&google_nid=index&google_push=AXcoOmTbV8psO3vEkTxKsyBsUlevtLjLkRBrZyGByl44v0HLtq1Eofsq8XzMyh335-BPFgcHqQTN5k2ATJmqQ-YgL4b00BCTZDDVcw
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=En4G9gE6xF6TnS4vCLZTq5NQgnQgqcvxvMMyYnb1iLr372NrLb%2BTD6PEfoTEO4vDYjEiWKBcabQ0FIAYYjvh6QqzzqoPKNtjNuL9mB0GYVgf2XKXHBJDp4b49ImQlZmh8LBNoVg%2F2KcN5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIaBXVgrPG-OEJZJcb5UR20&google_hm=ZaFK5Nv31rY90DfpRZT2bAAAFcEAAAAB&google_nid=index&google_push=AXcoOmTbV8psO3vEkTxKsyBsUlevtLjLkRBrZyGByl44v0HLtq1Eofsq8XzMyh335-BPFgcHqQTN5k2ATJmqQ-YgL4b00BCTZDDVcw
cache-control
no-cache
cf-ray
84460bbd798f9aba-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
v1
match.sharethrough.com/sync/ Frame CF9F
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOd0xN4swtJZ5hcVTfVcdf4&google_cver=1&google_push=AXcoOmSNHm3Iw7tNSrepKlj8xR7N4-7LiMSxIFajRd953KWB8DT33zrWKKRdCaVTjZs_gafl1--Eurfb-RNd7mcv...
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=d985cb2f3f&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=d985cb2f3f&gdpr=0&gdpr_consent=
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
3.215.126.7 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:26 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Fri, 12 Jan 2024 14:21:26 GMT
via
1.1 61693b057e018abc75ef1a640f01cf38.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ORD53-C2
x-cache
Miss from cloudfront
location
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=d985cb2f3f&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
WVDBmApgCKqpnsJC37D_LPiX5fJG2UF2GDjoF2Uum4XRboEOXLedMg==
ebda
match.360yield.com/match/ Frame CF9F 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEBoHlXrc2pjWJ4aqnJrmh5Y&google_cver=1&google_push=AXcoOmQW1ehtvJbiFAPdHA0Fq9R9Dv3-T0-HSbu7GgKrg3pfBGyfm5XykCf1isnTyHC8kyoQM7byiqNRsOYtf2UQ6XxgMVE__JH9rg
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.208.244.62 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 Jan 2024 14:21:26 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame CF9F
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEKpeNWIJ3gA2VDjTHLy5liw&google_cver=1&google_push=AXcoOmRVQbNFV7DKL6ZOnZBWWsCJorjqpRzxjP8s6xKi7S9H9oqF3T1_X3KG6rqRhnGTM5Zbb8QhomI1sM6Gl_DzsHpOD11LofoqUg
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmRVQbNFV7DKL6ZOnZBWWsCJorjqpRzxjP8s6xKi7S9H9oqF3T1_X3KG6rqRhnGTM5Zbb8QhomI1sM6Gl_DzsHpOD11LofoqUg&google_hm=1db296cda2faa699c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmRVQbNFV7DKL6ZOnZBWWsCJorjqpRzxjP8s6xKi7S9H9oqF3T1_X3KG6rqRhnGTM5Zbb8QhomI1sM6Gl_DzsHpOD11LofoqUg&google_hm=1db296cda2faa699c8f682b863807683
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmRVQbNFV7DKL6ZOnZBWWsCJorjqpRzxjP8s6xKi7S9H9oqF3T1_X3KG6rqRhnGTM5Zbb8QhomI1sM6Gl_DzsHpOD11LofoqUg&google_hm=1db296cda2faa699c8f682b863807683
date
Fri, 12 Jan 2024 14:21:26 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
attr
cm.g.doubleclick.net/pixel/ Frame CF9F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJXsFWK1t_XEueOmkeN3FniCVVq7jJx46tZP3FnvZ-X6UsVZuukvb2v2gdbuN8GfrUr6uY
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame FFD7 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
110068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 07:46:58 GMT
expires
Fri, 10 Jan 2025 07:46:58 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C0AA 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
view
ad.doubleclick.net/pcs/ Frame DE74 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssuoo6cT3q0vUC098vf9jcPikXJr88ZGhY8PUabKM30115PNm-8pLxbc7ExaUzSVL0W2kq_qi-nSPIQbDOIA4fq9_5nNH1G3H3UMn_L-vdAatfxHUitRhJtqAHzM7pT4WKx6iBmXLJRcTE1f25ZzKfm4Ysf-YESXWp7hh3DFR59H_eyT7Y0VZ2KOo504mjKWLGgyQ7IQ1HNvB0VCGEWfjL615WV1140X4SA6eQ_erpEcC-BBJ_EaUHGvNEZ29M3X3PrODq6mL_6-s5YZ_lY_ceV8ans88o6_cdMMTvhZKXerojdA9xYnH0tN6ZYSme5WuVp113O3-QiuwJPvkO8I9HQYozr1QfCoJaU1_IA14bVhAUfqNoSK3vKRojn6Ahqlnd0UPA0gpDYujBVK4VyjsPNTEdgLfTzXGPQYczqIS6v_LyEBIOpTnv-2emiuq3xL138rlUYRYffeEb5k0L07r2h0s5jmV0SkGjKp9e89-iQXuL0Nfh_oSgeRoYUeFz3cB5wBDthNayX_OhzfaiRA6GpJX5t2uBZ12NP3jiAGIY5WJDvDssoJDkjqtE7MtpSFsTVWPGLv2njEHvsLtnuucbrsXFRx7TyvZOLrtsz3DPPLusbZHAFJbDJV4xBbmNxsVA3_r0UCHwTfrvItpu2p2777hTfqhFaIV1DR2h3duOlTc-56TPQqQ9UtYaK9HrJpWvU8Au2gXnUZfzS6YBO8Vqn-YcjNlAoskwhNiV5b6dTCXzIQr8suBdXhrrpI2esc8ZTNZAzPas7d_NmTdFT2qGa47_1VZfaezaQZxatc1MMR-yDwDSQYGjwbAxLUjNah0E8YiOXlHyuc88gZc4eBzudUzuHrNrPMT-Hc_xNCQTE7rgmvlLGR7zX_2oClgPZWU1IvOLqoEciqz_17nRQgbd_KtP7LcpbxCgRDRiN1YaZ4TpDCFiZEYWCiqAq8zGhpegmnYP3bZ6IpP319ECYjI8BLtqN6MCPkGphOdebyrn6dAg3Rg1pduFuCwWzzai2Nyt0yi-a9lZaeW1yxr28fHRII-nk6VYrnvhh1aW0ShP9m1HLraERTewSQI358zB8NPQXMFJegH8_ewnRFS5iE6ym2FOcPy3Iu9GMINVmLOPJMb3Y6hBOf0PrrK0rhIVHIcLhhJ0od8Eesns-xo0D7ofBHpyGGoLaFl7469TikRltnI_JuAC9zy_vaRx0IJskczAC_2N3eNQhEnc-cL4kWRmpTxL6Q1wm42a2JGUKErGcvD_B0IagcEGO6WYVEYNO-5UEt4Et09KeM03PEFaFmMWbzVKkxD28hPb8l_UDMZ-iKJIfV1TLCs94pfhdCFe9bAFY3TLg6nloAmJqtrH6o91V67G74u7YMfjJ2D97pEsoai3ByDSyWvXAq3Ybaa0RPbuT-Xu1xFokiwrDdw&sai=AMfl-YRApRUHaSLyR35zSoxb3n1Uy-eySBXxiNAmK8oiC6m8meq90cCO4ReoqplB0TmXQn448xJCKXRbXYaSsJJj19meMEEq6zI4WFqiv6pOJdi4bLntQc_R5cKxLMkt2piCXJ7XpzkYmRKU8WPRRjfQfZtDr3mR4CwGAHofhzDXqx_QXIJtzPGvLP3_cKlUrfAF3jlfKAYXkau4gAEDzYM2UhiMkn0yg__ZhigvMnUHzoSQyLEYr5NRTwrm9guntaDmacCY1ZXPDRAZLTItFL_zbyRGnsCTB-Soc_79garvzPAs3CuuldXtHh8rVAB2d2aP-LtRiy3fW_anufoZLNOwMbAuKNdqMeTDpvHgX4nBK_IQ1mePd2bHx6u1xjj5nYvNjtqmrTnYN7F6KPxJTnXt3FRIl5ktKQqqRmR4he3F&sig=Cg0ArKJSzJkaB0KcbqtHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9oaXNjb3guY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=559&vt=11&dtpt=557&dett=2&cstd=0&cisv=r20240109.54853&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12193516193661502104/ Frame 2CB1 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12193516193661502104/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
12066
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4850
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 11:00:20 GMT
expires
Sat, 11 Jan 2025 11:00:20 GMT
last-modified
Wed, 20 Dec 2023 12:24:27 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5912 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu__V7jkCcizrBtS0iHoKUOIzkyw8rl-A7HhVu6aXxLitsEylOCcRGN0MWgpeVnwlueguhdf7VL4ZlYXKh8XJsg9gfdAJVb_lY-1GwItqSOQDQ3pXctlv7U7kRHmgQBt4GnxCQhGhudMccGhuCepXknMqEVKAJSpjfVdE9U-6__sZ-eig6N16BwOVvKcHdRagGsL2E5UUgi6in9MuKLp-fb_qKVejw4lbdCX3G--m9z-nIreVynFWpjwZ3eErOTesfUi6cjJY6CX6aO1aT-vDUMBTbOmtMg1JgpKxXYOnXR6N1CpcnoskQUNG-i29mVuqpbc5XFU-BniINIMoASb90aRHc-3_hCrgxcCk27aMYqTzt5tiPMi4F428paIJejKRXn9MtjdL446lZiaDVxY5bfzNyO7hCupjpexPomCaYN6x4SArgYb6-tSRcw9lv5eKC1DV6GT4RAE6kh5xVE7Eh6xKC4HRGWq7Ba9boNSZN_ccSXg1ciPY_yHJ2n-88SBJlqL3EnqABOLzJN-7BPy8Fir9YNjcDZGK4ibNVHGGLP8hkXjEp7z4YdduLpSi9D5m-7lsLTUzWiocJ275G_qJmhqQACQEgBJpf7xt79sXOd53SJ2Z_FtOklIRWvc4wRwmm0sLkQStEAH1WDO9OxAKogKIc1AwtvRquHm4nx1BxxGA0B9WSm_L6MIYqOOeRmzAFOSncbp0HaeU_x-uTn406oUQ_EEtCaBR8-e3n7jRXavGmw1J6RF4Ob7NCPcjPamwRBqJk-hGMQWU9sN5RV8FIWUUqbeUJwgSDOdHX9ff4pp1bGAfYafk20jSpscjjNDVS7I25c_mWUcWMAUoxETEuec3f48kGbytB14nng6XU1FfeYBuaj43PEvlZ6gEUG9DaaesoyXK2tHVhAz9mEL-cgrDjbI2XkeNZ6m_jqcMMCvZcG9QkFEIXm9qX4rYHVRKmbvbQwP9_Dyd2rlZoE6qpA25-HFJKWQHqwLdHclv_A7WY_23EIpa8Y9NU0HdqbPKOC_xcLguliNDox7fX6Q05Rph2gyTDHIcrxXBfWxc_hTt8AFTioTBCZgGb8v_sPHdYT5pl5A9BcYUvJoL7snFELWLN1ZCDY-lJsSr-50tQ-ift9juxcTI6gTZCV_f74efGYwh2T_QG2Vy5OQfkyibr87a_585Fs33NL25GgYyopLJY8fwBMa6_zfimL7biUlH0qwRdj8ASzzjWnpbscGVXDmbUUEmNIzzGlLAAtzU2Eow9gaJvXYWSgGYkZ4j5bd-gdlAEcObR-JyOqFIthZlFOQT1-zykUpqd5YpQeMXYrIgE_ixt4-TsW_THYcEqdQBOMmeJCIKyMFBdPehyhnI1NXVF70_U9uRlLgnhlsHv-HH3rF3M3GJS7QveWxxoFlu7Wjf6Jj_jUN9Bvfjn5qrkWyIjQOkoywyip7HF-&sai=AMfl-YS8jz5jkqHBzOCx0k_h67ezSWgAkhA6lgwhLITf30D5M1qCrJDiZqmWi3XcvXV7BDYcAckCCCVGKX7solVaIE6SjUV1wc3sYl17KPFfLwMwKXu_byOmI0qr7RlnKLlSL7aLDNHHiVcdMZKh2sNIdxzFeESi6sPLfcgsWFkKvc4su7txuGEq_wsYQ2_Rzh2v2134ZLPjUxEx61p-f7CsyEhfcV95TMOAaEf_xUu46x94h5OqBScem1Q7etj6z5MNol2ovz27TwjmUpGDLm7RFowbMWbji5QUL3OKRjKSAwBbhPJKBhkYKILTK7YWw5_7&sig=Cg0ArKJSzHwgAOQeS5dhEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=765&cbvp=1&cstd=761&cisv=r20240108.15259&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 14:21:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usersync.aspx
dis.criteo.com/dis/ Frame 39E1 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQf7SZ2DBnAlCJlBcMrMZJQxVCqW9f2slt1DzO_w8iySUMJL-wI1PKRRxUsv78guVoyosmHswgIib1pOLGzw6fLvOChnIHQ&google_gid=CAESENQl8E056mrejXsr_2FNnVY&google_cver=1
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:25 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
335271
expires
Fri, 12 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 39E1
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPq7pYDdYXDMQSPfUEQsN_o&google_cver=1&google_push=AXcoOmRl4dm4KkMWPmOy5jmwSJTeG5KoCYPHpReV1Nm7Kdy6zrBxoLFf47hJuDDOG8bn3t0iT0ERSB...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRl4dm4KkMWPmOy5jmwSJTeG5KoCYPHpReV1Nm7Kdy6zrBxoLFf47hJuDDOG8bn3t0iT0ERSB7_zBf9wb-PIwZAutqmWaLr&google_hm=MzYxODY3ND...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRl4dm4KkMWPmOy5jmwSJTeG5KoCYPHpReV1Nm7Kdy6zrBxoLFf47hJuDDOG8bn3t0iT0ERSB7_zBf9wb-PIwZAutqmWaLr&google_hm=MzYxODY3NDg2NTU3NzA5MDQ2Nw%3D%3D
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRl4dm4KkMWPmOy5jmwSJTeG5KoCYPHpReV1Nm7Kdy6zrBxoLFf47hJuDDOG8bn3t0iT0ERSB7_zBf9wb-PIwZAutqmWaLr&google_hm=MzYxODY3NDg2NTU3NzA5MDQ2Nw%3D%3D
date
Fri, 12 Jan 2024 14:21:25 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 39E1
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEJtelJzkLm0OMVv6yIKOTiY&google_cver=1&google_push=AXcoOmSDB_MyyQkXRksqVwWOaCdMsBKKctp36GGC7vo3fOxMXLNWAi8L0EG1v-LkACGAdiD2B-8wj-U6yuvvr2lLTjiDWkz...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSDB_MyyQkXRksqVwWOaCdMsBKKctp36GGC7vo3fOxMXLNWAi8L0EG1v-LkACGAdiD2B-8wj-U6yuvvr2lLTjiDWkzrrqRS7A&google_hm=ODk4OTQwN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSDB_MyyQkXRksqVwWOaCdMsBKKctp36GGC7vo3fOxMXLNWAi8L0EG1v-LkACGAdiD2B-8wj-U6yuvvr2lLTjiDWkzrrqRS7A&google_hm=ODk4OTQwNzI1NDM1NDAwMTQ0MA==
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSDB_MyyQkXRksqVwWOaCdMsBKKctp36GGC7vo3fOxMXLNWAi8L0EG1v-LkACGAdiD2B-8wj-U6yuvvr2lLTjiDWkzrrqRS7A&google_hm=ODk4OTQwNzI1NDM1NDAwMTQ0MA==
Date
Fri, 12 Jan 2024 14:21:26 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 39E1
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQVxTYVZ9OTLzaUu3vn4P4C2enkS4798TmhqewYC6QtKA9xy_N-poyrXwnTwdWX2YoD8JyB-aXhUDqi4_Thi9hAlACn5eOdow&google_gid=CAESEONXnIL6vgp...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEONXnIL6vgpzq-6aynAjB6U&google_hm=T1BVOThkMWQ4N2E4YWFkNGRiMDkwMDk2Y2FhZDQ2ZDUwZGM&google_nid=opera_norway_as&google_push=AXcoOmQVxTYV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEONXnIL6vgpzq-6aynAjB6U&google_hm=T1BVOThkMWQ4N2E4YWFkNGRiMDkwMDk2Y2FhZDQ2ZDUwZGM&google_nid=opera_norway_as&google_push=AXcoOmQVxTYVZ9OTLzaUu3vn4P4C2enkS4798TmhqewYC6QtKA9xy_N-poyrXwnTwdWX2YoD8JyB-aXhUDqi4_Thi9hAlACn5eOdow
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEONXnIL6vgpzq-6aynAjB6U&google_hm=T1BVOThkMWQ4N2E4YWFkNGRiMDkwMDk2Y2FhZDQ2ZDUwZGM&google_nid=opera_norway_as&google_push=AXcoOmQVxTYVZ9OTLzaUu3vn4P4C2enkS4798TmhqewYC6QtKA9xy_N-poyrXwnTwdWX2YoD8JyB-aXhUDqi4_Thi9hAlACn5eOdow
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
326
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 39E1
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESED8NyMEHTzvXYtQw2TcALzI&google_cver=1&google_push=AXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDYZ5xKRAaupjBP-dthba5SSvcWREbIIJF34Edj0dJ7m2G8Wsk5KdY2fQ
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDY...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-c5c8qjEYcNAzsZ1WCtWLCYV1aqQyrcC9CgKP0aeq1A&google_push=AXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDYZ5xKRAaupjBP-dthba5SSvcWREbIIJF34Edj0dJ7m2G8...
  • https://cm.g.doubleclick.net/pixel?google_hm=NVduaRzUeHN0hr0s1SBz&google_push=AXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDYZ5xKRAaupjBP-dthba5SSvcWREbIIJF34Edj0dJ7m2G8Wsk5KdY2fQ&google_nid=inmob...
0
0
spacer.gif
an.yandex.ru/resource/ Frame 39E1
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEJI-5MAz5dDwifuz9K0bU8s?ext-param=AXcoOmQqjZjTZhFU0aDY7fQSY4m0FvYPw-6qxB5bV7U2HZwYGQPa70ezLFWdovcdyHYig7q9eGpOqwSvgIc6T9yAemy-qegcuRYWKg&partner-tag=yandex_ag...
  • https://an.yandex.ru/mapuid/google/CAESEJI-5MAz5dDwifuz9K0bU8s?redir-setuniq=1&ext-param=AXcoOmQqjZjTZhFU0aDY7fQSY4m0FvYPw-6qxB5bV7U2HZwYGQPa70ezLFWdovcdyHYig7q9eGpOqwSvgIc6T9yAemy-qegcuRYWKg&partn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJI-5MAz5dDwifuz9K0bU8s&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
2a02:6b8::90 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 27 Dec 2024 14:21:27 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 39E1
Redirect Chain
  • https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEG-9_EtvsJ0kgJ28nDv1M3k&google_cver=1&google_push=AXcoOmQ-Bi7gApNZiRvU_tLiYm7Vt21aVIzpIfxdvHjX4vh_W1Zzdt9M26FEbmiMguVfoWxM_TFHKvxKMq9X3up4ditmqY...
  • https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmQ-Bi7gApNZiRvU_tLiYm7Vt21aVIzpIfxdvHjX4vh_W1Zzdt9M26FEbmiMguVfoWxM_TFHKvxKMq9X3up4ditmqY0ESUJ2GA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmQ-Bi7gApNZiRvU_tLiYm7Vt21aVIzpIfxdvHjX4vh_W1Zzdt9M26FEbmiMguVfoWxM_TFHKvxKMq9X3up4ditmqY0ESUJ2GA
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 14:21:26 GMT
strict-transport-security
max-age=2592000
server
nginx
content-security-policy-report-only
default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
content-language
en-US
location
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmQ-Bi7gApNZiRvU_tLiYm7Vt21aVIzpIfxdvHjX4vh_W1Zzdt9M26FEbmiMguVfoWxM_TFHKvxKMq9X3up4ditmqY0ESUJ2GA
x-yak-request-id
1705069286242-b7ea404e48a2803fb43dcc6311d9c952
yak-timeinfo
1705069286242|1
cip
38.132.118.69
alt-svc
h3=":443"; ma=604800
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 39E1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L2oXkpKk-HJSVVdsUgFsdtAmplxU3Yl1QrOS3bD6dGc6EwmWjxt29laay_XmZUWK_U9ZjvfNB8Up4
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
ad.doubleclick.net/pcs/ Frame C0AA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssarv-HIOaNUzfnGM5oHlugWRsvR__f3S7MUngt3zjR8_OpkewAWjMW7jMAltxdIYJHTs3EZOuJ6CYKn0ir_DJ47Se9BedSTu1XzEbuL9K-E1WMCIOcAjRm7IkIGvPk7f7wC_wzt1duIxVzF0RZvcVBCEdJNHFI-W_5bt3DxGfEO2SC-TIAQwCVN5CClKpq6-hjhed7fG-G2mDIFj7PFDbshG1hP7asxh6m24sf110emHOlaQMKCw4F3jXt1Un7ylIUNxFf1A5r53iSPADorKflymvOj2yBmhOo-1JQr5WhG5Lf0Rh-LGrpZAcIzWrMTB_mD96y-zbGTYQoG8K1U6soSKkD_e2GNgOC-I_vntDKK71Q6XDOi-TpYf00ayLCIY97VyGmjTT6h6jKoDIt1m2EaemZsT3k1foViSX2_fvSNdfC0DWd1TMhtrevSohFZnBtSudQTDznlcv-Bbnp8Y7g4zI3U0S8P-rXLkk0shuvOBHCVFfFszHCnruP1Q9n9IjQtyTnpQCv9ejVosHzB0rvCSvRo-MW-CC8X0Q9F9_tiQuvgSZSZpLuJ7ExkAbhkY433zkH01jx4O-e3UhvA2LsIUJzPLxzR_ND9nYVyI5X0heO2IFsAk_nwHT7ZYJGQUz4Qgf7WkVgT_NWgqBV0DDNJ-ww0K-a5M81MpuW7S-KTPlzBqH5Cl90AzlJLKJlSjZzdsMvbqY0Xhp1t4Z2H4NcxjjnjaXQCY3oimXBZI8bT3Ni0UuyQ77lhWL9Y9WR9Xw9X3mMzWM-r00umNXGC-aPHsQS4tgLhiqL_vG_pJz2PHUD5sUtsgiUcphVY0CrcPVmwSXXTOqH9kOXhbADQGawTEBYTINoMX1WJCfF8Fo3wDiWYc4SEqQeqsOz6v0mj774jjQY_VXZmJSnweTZ3SkwJKWL2r6Ypda_HcNujx-poKlh-smDv8Xz77_HBT6B_l9gKmo-PyYqae5Jx5588xnxjlciELixHrTiEbxE3JIA_H0YRLr0nQ6W086OnVabjcxWaLpDGk7Gqi70X_CWylxbJwyQZceqZTqx2fKwYaUGXzlOGofJ5kXHY07Ye5zwglSNX6dA-Vm6vWD_1hgX9dJH4uA-znGhXK1Gv5DnQ2PcbgejysdpA2ccWAt1lzGh33ni_JxAJHcJwwESUzLIyRjKySka2ZB03G4inx-HSpXpBkSlQzBkKwet4XS9rIWcYMJ6cynKiibEXxlWbRLVmcYLQ9XNv9zcW5_aMdfzjBIZ4MyoZEdOyFZ3u2KDqS_owu2VaS7vNkBUdbjoCm_OulfR1TJ1Jg6PtANUdflCyCmxZMtVRAqZ5c5V-F7XlcE-vSIt5TNETvJ1EJuMD1oHrVbeck1ClATzTMt2Z1Jlxm70scRgiRDFGtPQ7tnF57AlnAiatXXp7yJiQKaXOg&sai=AMfl-YSQpurjXEWo44bmOPbwaFOB_LYluXvVkZvXd0Rq1YswtjKpyHWDKbKU5FzlYMS7IASrkGoFDvCFy0IQSVLnxRLw_obFaZ_fYJrxhdtEXkDjbmivQr1TxPMyb9p8IT6OukjgIXBsJX4VFq4tzRICMy8-6aPVGzGQBS7Rr6uPu3sibYMCUq2xQ2RRBTz1xwc7lvsV8aPLiG9vgMvh4m9EU8amWo1zSgHtvunw9iMP9751BY65QZlnrG5v1DcofzK8cUa-XMZSKgUDXXiSh9nakJ5pDzQ8LHqIKPftSqRIw6ZLNlbnuPhkcqy3RXZYCGc5id308bRtXylCu5q9_SlUloSsL7jsnDBvthENnXP7TaQyXrXdTY-VKsMsKSb6EkA_b9jGu8OHL3kDcAdqrD-CHBPOooVdxNv2MhYH2r_v&sig=Cg0ArKJSzIiC7xOwuis-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9oaXNjb3guY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=426&vt=11&dtpt=424&dett=2&cstd=0&cisv=r20240109.18759&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.149 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4a.js
static.adsafeprotected.com/ Frame 5912
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1880958/77369971/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015449892&ias_pubId=pub-6445234841753687&ias_chanId=1&ias_placementId=20881761062&bidurl=ht...
  • https://static.adsafeprotected.com/4a.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2616:3a00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:47:27 GMT
x-amz-version-id
B2DECWousx5u_bYFIOwt8kPa0gFIEK1b
content-encoding
gzip
via
1.1 6db923459285108c300bac42edb0d9dc.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P8
age
59640
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 11 Jan 2024 21:47:24 GMT
server
AmazonS3
etag
W/"2105f244154aad4862ff53a961b1f1a4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
uNmE1V2ozdgILqWORqHS6Si8Uj2m5y3ksH4JdLX63d6hIM0PixbLXw==

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
nginx
x-server-name
app50.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 72EE 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2616:3a00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 12:59:13 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 6db923459285108c300bac42edb0d9dc.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P8
age
11928134
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
ThawjqqxdQgBbmivqTFbgKiAaMbJTTNn5JyTTWW2M-JXJyXow5OITQ==
3f4d3332e1b53e56bc0b6534c68f911b.js
s0.2mdn.net/sadbundle/12193516193661502104/ Frame 2CB1 		118 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12193516193661502104/3f4d3332e1b53e56bc0b6534c68f911b.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12193516193661502104/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12193516193661502104/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 05:06:11 GMT
date
Fri, 12 Jan 2024 05:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33315
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34219
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 12:24:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dt
dt.adsafeprotected.com/ Frame 5912 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1880958&asId=cb021740-ff05-c4a5-d96f-ed11c710c81f&tv=%7Bc:13nBar,pingTime:-3,time:184,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:67%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:184,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B172~0%5D,as:%5B172~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u19SXzl+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1a6%7C1a7%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i*.1880958-77369971%7C1i1%7C1i2%7C1i3%7C1j1%7C1k%7C1l1%7C1l2%7C1l3%7C1m1%7C1m2%7C1m3%7C1n1%7C1n2%7C1n3,idMap:1i*,rmeas:1,rend:0,renddet:DIV,siq:68%7D&br=c
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:e384:83b1:2e4:8c72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 5912 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1880958&asId=cb021740-ff05-c4a5-d96f-ed11c710c81f&tv=%7Bc:13nBaB,pingTime:-6,time:194,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:194,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B182~0%5D,as:%5B182~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u19SXzl+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1a6%7C1a7%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i*.1880958-77369971%7C1i1%7C1i2%7C1i3%7C1j1%7C1k%7C1l1%7C1l2%7C1l3%7C1m1%7C1m2%7C1m3%7C1n1%7C1n2%7C1n3,idMap:1i*,rmeas:1,rend:0,renddet:DIV,siq:68%7D&tpiLookup=ao:arvan.arv1.arv1.vai2app.site*&br=c
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:e384:83b1:2e4:8c72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 5912 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1880958&asId=cb021740-ff05-c4a5-d96f-ed11c710c81f&tv=%7Bc:13nBbd,pingTime:-2,time:232,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1717,beZ:1719,mfA:1724,cmA:1726,inA:1726,inZ:1732,prA:1732,prZ:1776,si:1785,poA:1786,poZ:1820,cmZ:1820,mfZ:1820,loA:1911,loZ:1916,ltA:1949,ltZ:1949%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:67%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:232,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:66,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B221~0%5D,as:%5B221~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u19SXzl+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1a6%7C1a7%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i*.1880958-77369971%7C1i1%7C1i2%7C1i3%7C1j1%7C1k%7C1l1%7C1l2%7C1l3%7C1m1%7C1m2%7C1m3%7C1n1%7C1n2%7C1n3,idMap:1i*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:68,sinceFw:162,readyFired:true%7D&br=c
Requested by
Host: 3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
URL: https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:e384:83b1:2e4:8c72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 1076 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 13:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
4731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 13:02:35 GMT
DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
pagead2.googlesyndication.com/bg/ Frame 1D38 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
67775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19609
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 19:31:51 GMT
generate_204
tpc.googlesyndication.com/ Frame D3D8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bCwRhg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::84 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
pagead2.googlesyndication.com/bg/ Frame 8693 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
67775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19609
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 19:31:51 GMT
DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
pagead2.googlesyndication.com/bg/ Frame FFD7 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
67775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19609
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 19:31:51 GMT
e45416101126aa8ffd61140aca17c365.png
s0.2mdn.net/sadbundle/12193516193661502104/media/ Frame 2CB1 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12193516193661502104/media/e45416101126aa8ffd61140aca17c365.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12193516193661502104/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12193516193661502104/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 11:00:21 GMT
date
Fri, 12 Jan 2024 11:00:21 GMT
x-content-type-options
nosniff
age
12065
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24096
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 12:24:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
aaf5373b3e777379f3e6d7027004d3ee.png
s0.2mdn.net/sadbundle/12193516193661502104/media/ Frame 2CB1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12193516193661502104/media/aaf5373b3e777379f3e6d7027004d3ee.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12193516193661502104/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12193516193661502104/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 11:00:21 GMT
date
Fri, 12 Jan 2024 11:00:21 GMT
x-content-type-options
nosniff
age
12065
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2880
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 12:24:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
7a064a6618e703418e656c628a5833da.svg
s0.2mdn.net/sadbundle/12193516193661502104/media/ Frame 2CB1 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12193516193661502104/media/7a064a6618e703418e656c628a5833da.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12193516193661502104/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12193516193661502104/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 11:00:21 GMT
date
Fri, 12 Jan 2024 11:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12065
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2492
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 12:24:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
705b1ad5c6b059bb8763c34195f63e79.svg
s0.2mdn.net/sadbundle/12193516193661502104/media/ Frame 2CB1 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12193516193661502104/media/705b1ad5c6b059bb8763c34195f63e79.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12193516193661502104/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12193516193661502104/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 11:00:21 GMT
date
Fri, 12 Jan 2024 11:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12065
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2310
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 12:24:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
c771c8ee96293dbc17281806da740afb.svg
s0.2mdn.net/sadbundle/12193516193661502104/media/ Frame 2CB1 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12193516193661502104/media/c771c8ee96293dbc17281806da740afb.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12193516193661502104/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12193516193661502104/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 11:00:21 GMT
date
Fri, 12 Jan 2024 11:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12065
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1640
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 12:24:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
SPug
simage4.pubmatic.com/AdServer/ Frame 9B63 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162150&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162150&userIdMacro=PID&us_privacy=1---&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fexchange.pubnation.com%2Fusersync%2Fredirect%3Fpartner%3Dpubmatic%26uuid%3Ddd2574a0-b155-11ee-8571-813a2ca4bdfa%26s2sVersion%3Dproduction%26partnerId%3DPID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 5912 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulu6tFpOepz03XvVkRzZtbeBMLEx-BDFq8QFuaAQWwvUgJIHloQSzN2ZLTWKgeDUrVDSUwyNBx5j7RPgWH6TMdVEkFxOkUcex-0vXRBRvl5P7mAxD0EtikigVbW6w-kyw6mgB8pt51DUR0kwxtL7leWL4G&sai=AMfl-YSyHuvpfGjz7FrGkR3x-U4UbMejhLrjH65POSAjkUKgUH0KoOHfjaFk9ujGVWnUuaoii-XmcIKwdm7q-SnCBBt-1owonk73-Mo49M3SPXp7hvSy4UO1rTMP73rIzR_66_nTtZthjtCzpQ1u-4BA&sig=Cg0ArKJSzI-pYDfVJmMBEAE&cid=CAQSTgAvHhf_Jiz-yIfx7FlV9lOkriR6zu34EvP2hKKVCX_fWIZrAuyaP9aZTcEtUrlH2BkFYTEeaIw_ZIlBXXeoX4NKMz1ohsWRWgQJ_JhxyhgB&id=lidar2&mcvt=1042&p=1110,410,1200,1138&mtos=1042,1042,1042,1042,1042&tos=1042,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3205814283&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705069284358&rpt=1226&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag
pandg.tapad.com/ Frame 3977
Redirect Chain
  • https://feed.pghub.io/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&owner=P%26G&bp_id=pubnation&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3...
  • https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&owner=P%26G&bp_id=pubnation&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22...
0
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5912 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6jO8F2qr7WYoaD2THK3jQyHVKQziqdhZYi7mqeM5SnJw6_f9Vpp5NPZ62yLQ-DL6dmNY8SOPsjkVsuh1rJfSPDA0gTkgComlEpqBK9dyunN8NxZIQ1ZyaiJlQ6zYinUmnCCLkxAF7QfDwv4sw8J0VNd9XKZ5JgwopQpDdpQ8MvpF-8FTJqIHpdUxBicu20drXfWBdWRtgXJwvuDTWAio&sai=AMfl-YR3-iD8nK6MOHgJsyW6uQg9yrPMkwb2OdkbLOKjEfDNnLKlC-kxkKl8FNxQ538XiacGGVHQxhVMOLPmgcdGsZumo4AqMnIvCXYSqEgks2lMSpWYQ8_6Kd1QufXe4_aUVW8moI6Yl2akgt9qSD9HBEUCHOs&sig=Cg0ArKJSzHpauCID5efsEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
passback_728x90.js
static.adsafeprotected.com/ Frame F3E6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_728x90.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2616:3a00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding
gzip
via
1.1 6db923459285108c300bac42edb0d9dc.cloudfront.net (CloudFront)
date
Mon, 08 Jan 2024 13:43:54 GMT
x-amz-cf-pop
ORD56-P8
age
347853
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:52 GMT
server
AmazonS3
etag
W/"696b4c19d35efd706805137a8a4b3831"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
0l3VgIzexRYBYg5NJJBfXK50LNpOuqXISLQCk0qZRjAuNYFRIkw53w==
sync
eb2.3lift.com/ Frame 1F91 		1 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1347
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 14:21:26 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 08E9 		16 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162150&us_privacy=1---
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48143
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 12 Jan 2024 14:21:26 GMT
expires
Sat, 13 Jan 2024 03:43:49 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F684 		281 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---&gpp=DBABzw~1---~BqgAAAAAAgA&gpp_sid=
Requested by
Host: scripts.pubnation.com
URL: https://scripts.pubnation.com/tags/8769/c16e0528c2c3c234ead6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://arvan.arv1.arv1.vai2app.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Jan 2024 14:21:26 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame F3E6 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2616:3a00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
date
Sat, 06 Jan 2024 12:18:59 GMT
via
1.1 6db923459285108c300bac42edb0d9dc.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P8
age
525748
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
10216
last-modified
Fri, 18 Feb 2022 23:29:13 GMT
server
AmazonS3
etag
"b1464a7201f691a1e4cf6fc057919d7f"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
JGX1uYxGLpgG7_gGqHPl9mUlw2ZbjrRpaQnVrfuXi49Vyvg7URpfBA==
view
googleads4.g.doubleclick.net/pcs/ Frame 5912 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu__V7jkCcizrBtS0iHoKUOIzkyw8rl-A7HhVu6aXxLitsEylOCcRGN0MWgpeVnwlueguhdf7VL4ZlYXKh8XJsg9gfdAJVb_lY-1GwItqSOQDQ3pXctlv7U7kRHmgQBt4GnxCQhGhudMccGhuCepXknMqEVKAJSpjfVdE9U-6__sZ-eig6N16BwOVvKcHdRagGsL2E5UUgi6in9MuKLp-fb_qKVejw4lbdCX3G--m9z-nIreVynFWpjwZ3eErOTesfUi6cjJY6CX6aO1aT-vDUMBTbOmtMg1JgpKxXYOnXR6N1CpcnoskQUNG-i29mVuqpbc5XFU-BniINIMoASb90aRHc-3_hCrgxcCk27aMYqTzt5tiPMi4F428paIJejKRXn9MtjdL446lZiaDVxY5bfzNyO7hCupjpexPomCaYN6x4SArgYb6-tSRcw9lv5eKC1DV6GT4RAE6kh5xVE7Eh6xKC4HRGWq7Ba9boNSZN_ccSXg1ciPY_yHJ2n-88SBJlqL3EnqABOLzJN-7BPy8Fir9YNjcDZGK4ibNVHGGLP8hkXjEp7z4YdduLpSi9D5m-7lsLTUzWiocJ275G_qJmhqQACQEgBJpf7xt79sXOd53SJ2Z_FtOklIRWvc4wRwmm0sLkQStEAH1WDO9OxAKogKIc1AwtvRquHm4nx1BxxGA0B9WSm_L6MIYqOOeRmzAFOSncbp0HaeU_x-uTn406oUQ_EEtCaBR8-e3n7jRXavGmw1J6RF4Ob7NCPcjPamwRBqJk-hGMQWU9sN5RV8FIWUUqbeUJwgSDOdHX9ff4pp1bGAfYafk20jSpscjjNDVS7I25c_mWUcWMAUoxETEuec3f48kGbytB14nng6XU1FfeYBuaj43PEvlZ6gEUG9DaaesoyXK2tHVhAz9mEL-cgrDjbI2XkeNZ6m_jqcMMCvZcG9QkFEIXm9qX4rYHVRKmbvbQwP9_Dyd2rlZoE6qpA25-HFJKWQHqwLdHclv_A7WY_23EIpa8Y9NU0HdqbPKOC_xcLguliNDox7fX6Q05Rph2gyTDHIcrxXBfWxc_hTt8AFTioTBCZgGb8v_sPHdYT5pl5A9BcYUvJoL7snFELWLN1ZCDY-lJsSr-50tQ-ift9juxcTI6gTZCV_f74efGYwh2T_QG2Vy5OQfkyibr87a_585Fs33NL25GgYyopLJY8fwBMa6_zfimL7biUlH0qwRdj8ASzzjWnpbscGVXDmbUUEmNIzzGlLAAtzU2Eow9gaJvXYWSgGYkZ4j5bd-gdlAEcObR-JyOqFIthZlFOQT1-zykUpqd5YpQeMXYrIgE_ixt4-TsW_THYcEqdQBOMmeJCIKyMFBdPehyhnI1NXVF70_U9uRlLgnhlsHv-HH3rF3M3GJS7QveWxxoFlu7Wjf6Jj_jUN9Bvfjn5qrkWyIjQOkoywyip7HF-&sai=AMfl-YS8jz5jkqHBzOCx0k_h67ezSWgAkhA6lgwhLITf30D5M1qCrJDiZqmWi3XcvXV7BDYcAckCCCVGKX7solVaIE6SjUV1wc3sYl17KPFfLwMwKXu_byOmI0qr7RlnKLlSL7aLDNHHiVcdMZKh2sNIdxzFeESi6sPLfcgsWFkKvc4su7txuGEq_wsYQ2_Rzh2v2134ZLPjUxEx61p-f7CsyEhfcV95TMOAaEf_xUu46x94h5OqBScem1Q7etj6z5MNol2ovz27TwjmUpGDLm7RFowbMWbji5QUL3OKRjKSAwBbhPJKBhkYKILTK7YWw5_7&sig=Cg0ArKJSzHwgAOQeS5dhEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1731&vt=11&dtpt=966&dett=4&cstd=761&cisv=r20240108.15259&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: arvan.arv1.arv1.vai2app.site
URL: https://arvan.arv1.arv1.vai2app.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 14:21:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1076 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BjSJr5EqhZf-vO_uRnboPuZa_wAwAAAAAOAHgBAI&bg=!vL-lv_DNAAaumcC-jpk7ADQBe5WfOGi5GJ4FcoBBaQHNl8C4uCcBm7E5JcptPiPelKYNeLgOScGfQVDoV7dDrviCyC9HAgAAAn1SAAAABmgBB5kDF8qU1yiMTMoFBdeox7jwtpRt0fZfvxw0tjDVwnlzjTlIH08co-qF7rFcCjCDZKS8eCcTIY-yQ5RqRcuNQM09s9Imtzm168AVExJASf8x5XcaowvF47H93zmSyXbq8cSRjvQ53cCe42UiIEoYF-NSli8k2yUBGnJbh7FO7hKQ2Taerv9i9sVD0rKFHjEozaU30GaDSHMVB1MpadGKPcc6O3ysus4hafy9c-d0aYSQ_AgXxrCKKQUcdfM-0ugJIuGK-b3v7t-8brh944FOtWAdCQ5EhMzGQWiSphX6Vu1lYx90i-_u6846nBRdLQxDU0ilrYEw14LlaiFZct-pPvLPIP0w6ZddKGe0kH2NmeZoUGci5CIq8Ii1TLITa8qZty-i3GoGgzfYbzh4bir7aTGFGzEHd6uAqTnfh4Yg0_VhvXCEAEcTkfZxtNJOYkTaoiCG7Daece--lCI56WEszqYOjeYQk6WmnCdalreVC4CWYE7RMCG53TSH7w1uudwLn3MRs51qfmQuI-PH3mqAKVGsKGvuRm778sXCs1TPsNtFQ5iOxDLBm7ihdzBtDpxZvrzMexk1HxwA44NmYLcIK3_qJcl9zk-2rrTr54VLshG8pY-QEGd26IrdPNZtAUTUxUXvy1JYfbTp8wc2mBQlN5uxmGxdyw1CxyDnQQrTQuzD7jPlSq9tE47lQQV598hSNMSrH5fQXf9J0hoKR1pOOJvpRuEoP9wnA4idzVvaQsUNwMSJ-uoJOKCxhvren0U74qTBpfWz_ZreAZx-bwZmk9wh226YkbDLap5L4APRSbgw1_rm9YG-iIAeOXAEs9vScyqdNdOPaEobD7nf6ca4kK8Sr4jhq-w7w1Vsh1y5b1gCiGM8bmHfEv01lNFUil2XlkgzjIGVRKkAJX6ff_IEv3a9P00deQeALGG6UyzI3RP7Mjcb-JtOmsGw3Tq3fuI_6gwyx3smcK2cHx7K-i1CfR7EkGvyjt8gakz01Gr2oFNwVNbwPq19i7dgKfZpqwN0aaYxiJfFodarR8arlzxspHp7ifcerNgYNk4V
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 5912 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1880958&asId=cb021740-ff05-c4a5-d96f-ed11c710c81f&tv=%7Bc:13nBqA,pingTime:-10,time:1185,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIxNiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705069287257%7C%7C53afe08e5c9986667e79a7deea15a562%7C%7Cacc8ce73e974315fdfcc4ebb5f3c527d%7C%7C9b3e322210e11b6ebc72bbc64d65d9a3%7C%7C3c61a64b310a2ea22c0c71bce33c11eb%7C%7Cf06f6e8503ac0881bbcb903e93efbfcf%7C%7Cc578fd3987b5e8ddc759efeb6676a9dc%7C%7C98abdb3771a1f46d2aa719c603288a97%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:e384:83b1:2e4:8c72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:27 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D38 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJytD5EqhZY_tI7fKqMwPtOOUgA0AAAAAOAHgBAI&bg=!h4SlhMvNAAZ1R9vHVUc7ADQBe5WfOHjWHTQTlctDVK40NwJIiSG68yFzGQReKwwa54BxQkv5seW79RzNNWMIWngiNa1_AgAAAmFSAAAAB2gBB5kDCgPw64ZLXtoMT2NngfvJbqhuQNWpFi04HRazxloNK9TT1LDYi6R1nacNDNhtG0gSkolM7kLj9VL2GZZVNkTQ94Bs_qjEkCeNIV_wEQ82XXTAUZ0nAR3oCNfZ2AnsAgHBXFPg5nYca26NTZjZWBB__Kz-ur472mvzH0uMCJ2mLXWFu5Cj9RAINg-urYLmyX8AzUbB-dLyNPKZYYcPzJ-xuIWUo_XczayQAV0tDsQoF88Oup901x2BMZ2j2mdleUsXwGPA-np2OxuN-ixLFvDnqex2XPRMWd9g6nj1ZmLpL8LvYZ32yx4t5tIdvxuTT0dibWXjzTh6XATWvjUQ1bbKywas3-rvKN5e9Ol6cDQMA4XfT-E0yfHHsglKbzKvDfebeQxnDVz1fxgdM407wgk5nZoYxiOlnY8Ty8dTahGOp7-auYW5wE91QPifkHzx7WboIFLxo6nuRo4KMp-z-9H4Nlu6P2ltLKKCmc02slvJoTP4fWg8zT2q5_ZZ2dnfoe9n-1NkayGiTScetiNCtJ1uwdNik5tWTY7E-y65E31BsiIfd0V7oUpFhmqmt2N-RMzbrCB8IwfSNOWcmv_Uihxdwefx9Pw1ufcufKDLF_ilMmscmrcGjtGeurPaQOz0bTJH4m3hT0I8pwbIOn76pjs4KkWYwtLBv9oV5F8-v4UMeXNV3La6GG_3oPaALbDu8iK4OyMXkkgsEcJddxZmwO0yNCUQiTXMAYkNAPbfHHtRHi8qSmeW1kKOuCYVOcDQdPdB-JdsKweOEPWVxFEahjAagDq61ZCb79MmJzmnsIg7johuvagGBF029hcD4AuXiBcUVh7cfX12R4OpbGyeTYazL96ywRgFm2k4fg7O_Sse8Zvwr6EHHks1_rIIZTvZEsNW_fEkaz5Y1YYQ2IAg9SK1k6rMDKoW7QfIGHNahA3GfPWozZqyr25IK5gKEYz7qFoHzRhREpLmARwgt8I6xM9oq--4vgSjQQOHykgHXvKbqJW-4xdNUBOaqxMhIdN5YRLfBz2qw9eAZwLXUFg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401100101&jk=1043877398072632&bg=!XF-lXxDNAAaumcC-jpk7ADQBe5WfOM6DfJtjRpZjvA8vqh-d7ineEaQp3zb-DIZR-c-1Ik9Ay98GI6at9sgdCUI7bMLpAgAAA1ZSAAAAB2gBB5kCyhM-OLyukpAwQpym7WTCjd2f3a7wqmKJpDbog25TWPrvStMG2GB-oXnsPnRtwl-PufOs1FkPZNkAKWe5-029rCxCkCI1pc1ZzgaUlXqT9aLzTNsruU4JVp1U-BKaSCZY7TTbS8hhLMYheBDJB1WoPkPD-ruv-lPNr3sVZZ1fr1uVNkWZ5G2Fl8Z4lrbJl4AU3IFGI5afGQHNTIhna0BZu-d196HMNzcy0CF321fYorgxGZw2olZDhDdXfViT4zCprpF2G4RFBRKKDgW3M_DDAKOUsJRND7KrB6CB7lRfgpzbtU-ibPxiwrNlUDAmxxfoEIk39nvTkfOBMQuURZ_kaG1lf_WZ5xNNQs83EFisoMdTmT3UhsJ7imonLrOz2EZFSzSut6L5CW7zCr2fnvNI1wAfvtF7mi-WJrYRuXBcAeBZ0PeTM7YUOl8jmbjjim4iAZ8zJald6hkqGqUTLKC-5o8QwHwGABxZUJcmWlLPyrV_VV7AIugZeS6hVIPk9WQrlO9-WuVd4SPfBUP2SPq3nWWBYz_jNL-YimydlEHqL9zCq2WvxFkPwVUPjo6mXC2o3ev2bnOcF_Kfasck15fDiS_C2ipl3LcUbdqFvpvgUPsIbNya47j6S4h3q0TZoFr6rde12rNosTVvncp17D8NLtZT_Fh-pfFf43viWx0ciyT6KkSPP-nL0i3Velhnx-dSNRHgr7C-jiI3OIwT18yrm8tGMZDFqXGovF92PQxoiIqDXJ9HYfmUHZUudpAkM9ECmLgH0iCkQvbnVHgwbiD6EpIxY6m0r25pqqv59Cvkh3JuDe_a25BWnmMrMvntPB-UMgfrckOgvmigpq_kI9Z5rkTxMkWQDNeF2LUN6MUPJK0fuREhFeQkRUGdMVzOIuSqij3wpwzsT1iGGSDbLrap4YiaVdH0dyD7n3M2j-6CscIqGbnTgxFF-Y2UOw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arvan.arv1.arv1.vai2app.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame FFD7 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BjWLk5EqhZZHtI7fKqMwPtOOUgA0AAAAAOAHgBAI&bg=!LS6lLmHNAAZ1R9vHVUc7ADQBe5WfOKRowqAIaS7jxjIttzFOZtp2lLdlPR38LVPU7FsjF1Q5_omL1V0P0ylHrhOO2HpOAgAAAr9SAAAABmgBB5kDFBUkh6_6R9aTFr19iMxubwuWa1vsaeqVh6AjXIxYdxhngPrfXWb3ObRbO2-RdSQ5HyaZxis0uUyON_nD3SyvS_t0sGr_TOp8pX19LsQtEtMnGC5wQFDeeq_4tGgXpReTIEdC9u169eH5hOow44QV5RJl0rs4ndYv0Hn29283WKLyP6C9atE-AzD9OS6z8EoEfM-AJo5sb4AWAl7wAtYb6Q5lmiKdH1XicQWMp8_ioRZGkv6AWZHsN7RtdB2x9xbodbggiI-waUDLenCs3F5BS6P4bHmpBazhOpWxHhFQxRQAktmhX980-74-ApuoeMlo0Ka-Zmqp9EZ5wnQMJM41ptmLr5r-CezwZjOJFas1TI6wLFiPIwgAzG-hQ03HHDhn39KLLX8-p38X5Cy1jW2_maDzHJEMK9jvvZtbc09DKlquDdOK_vx8BhrfDaJ4RrZ_H3AtTWoO80BGw8NjUH9_qNnGWfWLzhOuiuxJYeXTkJduw4u6gDpdLV6K3FN-CrJh7NeFPQAfCFxrgxgXqMkofxEqKtInOHrm97hQv0MmZjAJHRi6z0kbd7h16SWHEmVmJRBy06-x-uXJWQDg-OE4nKk_3NZtPas6swVwU83qcoPKNvtrVKoVoKCeph2eiXZRn92LYAKmioMX_8C-HQmAYD8Gs1lEIh2J1O7kdVE39ERZ8zejYAlzXcHIW3p1OY4LCdsy6M8fRLNqzlkbsGnSRQiktUTlCJpe5cy5un1UjT3dN2zjhlhaEbez6Y-TqeBb2vPi76BMsKmigWt6AkeWDrCFbqMmsRfBAU71BdixnyqGzsrEl20Vjiz1yYQ3mDbagFIJWiyXwBz16jnI1NYO0N25upqb7O40mNx3MziFYHCwzbPAWQXPZuykzGuvyltlHH44tagmbm2dvX6qDU2P1mYJHHOrJcgoIxLE473XwzIeMI9YIA93zKDMI6D2ohUDM45VlCz1T7JYEllNutuhDGa269536Ct55-8qaSn_VyjjgUgzJ4Q7I22pkAbXdodFSXIglOtAL8TU_2Es-ZRlsQqWnZoQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8693 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BPgma5EqhZZDtI7fKqMwPtOOUgA0AAAAAOAHgBAI&bg=!yMuly4TNAAZ1R9vHVUc7ADQBe5WfOPLZSn-7KQSMwe9ANjRNG6yCqQ1PYh-B50BmOIz4izvscjWCGBnY-9bjSxI6ubd_AgAAAu1SAAAABmgBB5kDEktIHRg4UAEn92UXOOXfT3jzDDSQ4hQru9tqexUWNZ6aZNiirAWc-v4LJUIa03EKr2f1yVK0SijFR70F39V7rOhvv1YXzaKlpl1jriSaqc-GxLUrf1tYO3i7XP7DKCjZZG4M-8kjXnQrcylG4LUMf_yHJwNK2dJ0MkktzkbyqAVH2A2G_gdtpALzyILCXkRZpiYBfRivf3HSgoSI42sJB0ApYnoQBLj0mpWgVZG_BoYlGLtcZFKZgB0eBFUzAqyKHgpu3IjEucGJiQravbVR8iNCWx3yMdOjeZ7oEVGMqAtUKbaBt3_261a4_ioaTJRmOSWWiRpnt0Yq32pBqpKyVr9gqcbxgMnuUaCzR9ZhpVVkz1IopKMm4GB9vFQt2q1E01TZgmrg4SMgRsf6xNgOIfQYGbdAk0cJwm6N27QqTO6rwOf3D05SKydzosym5Z3PqB4ITwrlRNmQbxKBX9yiOnHWSBhEJh4AXnI3fOY5hDD_2PvDDPChX8Tw_FuzqBsqyhIPDe2nnXkqVFtDLQpWF5gDD6mWrqdXU2FY_Pq-OWCHROGXVN0ZgZdqApfj3FVeFzDUCw-Q5tzN9cznSYprflSqf1_3h1YLbZ6BssSf-GO5Sbw_zPUsraq0KxzHSVIn6EZNZBa7PUwy2G0Pa4xMrEXYSHJ5ZsbAQp0niHRjreDLgDBUkTJ48orgLKCLu7znh75RcM1do7UtcHEly0k9TOBdmua8s5y1coLnp1VZ35NBs0yaLER6uwtg2Cm-YULzOcXAGL7B8XEx-I9Ly2OPuVzZNURH4da5o1RjQk0xD_DKHHu4jZePQ054sX3TEk-1lY4ikjKQVPD7lLy_-l9V755lnFTbg5dCFPWkz3oDcuK9gQfEFIL1iouQq-NhZn8Npz1UrNI7enRfuJPECFVbo7ZD8jm9HOynZOF3_nTiwrZZGPmrgYEI2ON7kZsW4kjSWO7sNwFCFC-yB0GjhyzX6pWm13S2W-mqiyOPz9egVYN3zNJb2yPJVdU2pXUmLyKH_VOZSl2lxRjJ39Tie9NsQ4orPQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 14:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9B63 		0
0
generic
match.adsrvr.org/track/cmf/ Frame 1F91 		0
0
ebda
eb2.3lift.com/ Frame 1F91 		0
0
pixel
cm.g.doubleclick.net/ Frame 1F91 		0
0
demand
eb2.3lift.com/sync/google/ Frame 1F91 		0
0
setuid
px.ads.linkedin.com/ Frame 1F91 		0
0
4117923867202039094483
pr-bh.ybp.yahoo.com/sync/triplelift/ Frame 1F91 		0
0
sync
x.bidswitch.net/ Frame 1F91 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 1F91 		0
0
getuid
ib.adnxs.com/ Frame 1F91 		0
0
setuid
ib.adnxs.com/prebid/ Frame 1F91 		0
0
usync.js
eus.rubiconproject.com/ Frame F684 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDXyg-IObSys2J9q9Fsm_uk&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_hm=NVduaRzUeHN0hr0s1SBz&google_push=AXcoOmSYPBzkhBMWEWFFRFBOoLThS7zr7aDCpQk9vye7kFDYZ5xKRAaupjBP-dthba5SSvcWREbIIJF34Edj0dJ7m2G8Wsk5KdY2fQ&google_nid=inmobi_new_eb
Domain
pandg.tapad.com
URL
https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Farvan.arv1.arv1.vai2app.site%2F&owner=P%26G&bp_id=pubnation&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22Hobbies%20%26%20Interests%22%2C%22subcategory%22%3A%22Arts%20%26%20Crafts%22%2C%22liveramp_idl%22%3Anull%7D
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62252041&p=162150&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4117923867202039094483&dbredirect=true&gdpr=0&consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/triplelift/4117923867202039094483?gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=4117923867202039094483&gdpr=0&gdpr_consent=${GDPR_CONSENT}
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=4117923867202039094483
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| $ function| jQuery object| $adManagementConfig string| mod_pagespeed_SjHhGU9ZxK string| mod_pagespeed_Q9zn2Ufc42 string| mod_pagespeed_epZofAaref string| mod_pagespeed_92GgO03Qs4 function| requestInvitation function| requestInvitationFooter object| homePageSettings function| preloadMoreCollections function| showMoreCollections function| gtag object| dataLayer object| mvWrapperJsonp object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| __gpp_addFrame function| __gpp_stub function| __gpp_msghandler function| __gpp function| __uspapi string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData

7 Cookies

Domain/Path Name / Value
arvan.arv1.arv1.vai2app.site/ Name: mediavine_session
Value: {%22depth%22:1%2C%22referrer%22:%22DIRECT%22%2C%22wrapperVersionGroup%22:{%22version%22:%222.94.39%22%2C%22name%22:%222.94.39%22}}
.vai2app.site/ Name: _ga_SG27W8H91H
Value: GS1.1.1705069277.1.0.1705069277.0.0.0
arvan.arv1.arv1.vai2app.site/ Name: am_gpp
Value: DBABzw~1---~BqgAAAAAAgA
arvan.arv1.arv1.vai2app.site/ Name: am_gpp_cmp_version
Value: v2test
.vai2app.site/ Name: _ga
Value: GA1.2.1879337364.1705069277
.vai2app.site/ Name: _gid
Value: GA1.2.2064706944.1705069278
.vai2app.site/ Name: _gat_gtag_UA_198136979_1
Value: 1

4 Console Messages

Source Level URL
Text
javascript warning URL: https://arvan.arv1.arv1.vai2app.site/
Message:
The resource https://securepubads.g.doubleclick.net/tag/js/gpt.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%208CDE2E07-4406-4518-912F-270386807B48&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDXyg-IObSys2J9q9Fsm_uk&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3ce93921a4f5fe76040bb5fa020000ea.safeframe.googlesyndication.com
a.c.appier.net
a.rfihub.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.yieldmo.com
aep.mxptint.net
an.yandex.ru
aorta.clickagy.com
ap.lijit.com
api.rlcdn.com
arvan.arv1.arv1.vai2app.site
b1sync.zemanta.com
bh.contextweb.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
capi.connatix.com
cc.adingo.jp
cdn.opecloud.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
contextual.media.net
creativecdn.com
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
exchange.mediavine.com
exchange.pubnation.com
fastlane.rubiconproject.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
keywords.pubnation.com
lexicon.33across.com
live.primis.tech
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
mweb.ck.inmobi.com
netdna.bootstrapcdn.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pandg.tapad.com
partners.tremorhub.com
pdmp.profiles.tagger.opecloud.com
pdmp.tagger.opecloud.com
pghub.io
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
px.ads.linkedin.com
quotefancy.com
r.bidswitch.net
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.cdnsynd.com
s0.2mdn.net
sb.scorecardresearch.com
scripts.pubnation.com
sda.fyi
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
sync-tm.everesttech.net
sync.colossusssp.com
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
sync.technoratimedia.com
sync1.intentiq.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usersync.gumgum.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.temu.com
x.bidswitch.net
cm.g.doubleclick.net
dis.criteo.com
eb2.3lift.com
eus.rubiconproject.com
ib.adnxs.com
image6.pubmatic.com
match.adsrvr.org
pandg.tapad.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
sync.search.spotxchange.com
x.bidswitch.net
104.18.36.155
104.18.41.104
104.36.115.111
107.178.254.65
107.21.19.202
107.22.100.252
108.139.47.108
108.156.120.36
108.156.97.238
142.251.111.154
15.197.193.217
151.101.1.108
151.101.193.132
151.101.66.49
162.19.138.118
162.248.18.34
172.105.235.90
172.240.155.76
172.253.62.157
172.253.63.149
173.231.178.77
174.137.133.49
18.160.10.20
18.160.249.17
185.143.233.120
185.167.164.49
185.184.8.90
192.132.33.68
198.148.27.131
199.38.167.130
20.121.97.20
20.127.253.7
20.253.86.149
207.198.113.90
211.120.53.200
23.205.2.235
23.4.232.54
23.40.62.72
23.50.124.22
23.50.125.215
23.62.164.208
23.62.165.62
23.83.76.39
23.83.76.58
2600:1f13:800:7781:e384:83b1:2e4:8c72
2600:1f18:4e9:5a05:65dd:568a:ef48:8f07
2600:1f18:612b:4280:4704:4c85:9700:4b40
2600:9000:201e:9c00:1a:5235:f980:93a1
2600:9000:203a:e800:1b:5138:8a40:93a1
2600:9000:234f:1600:1b:6b7d:2300:93a1
2600:9000:2616:3a00:8:48e:53c0:93a1
2602:803:c002:200::32
2603:c020:400d:3000:67b7:1059:7283:c690
2606:4700:20::681a:1fa
2606:4700:3037::6815:2963
2606:4700::6812:acf
2607:f8b0:4004:c06::63
2607:f8b0:4004:c08::94
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c0b::84
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::64
2607:f8b0:4004:c17::9a
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c1d::9c
2607:f8b0:4004:c1f::84
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2a02:6b8::90
3.208.244.62
3.215.126.7
3.225.218.10
3.228.188.124
3.231.141.229
34.102.146.192
34.111.113.62
34.120.107.143
34.120.155.137
34.195.158.204
34.204.123.217
35.170.42.58
35.174.121.50
35.186.253.211
35.194.66.159
35.211.118.13
35.211.178.172
35.241.45.217
35.244.154.8
35.244.159.8
35.244.193.51
38.91.45.7
38.98.69.175
40.76.134.238
44.195.244.24
44.213.108.162
50.31.142.223
52.207.45.55
52.223.22.214
52.46.155.104
52.85.249.178
52.86.74.151
52.87.108.188
52.95.125.22
54.146.35.99
54.87.155.248
54.89.198.103
63.251.86.49
63.251.86.51
68.67.160.114
69.173.151.100
69.173.151.96
74.119.119.139
74.119.119.150
8.28.7.81
8.28.7.83
8.43.72.97
82.145.213.8
03c4ffb34c327b7bd98ceedfd8762dde6671f1581d21d37c6038ab128a9b4241
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09d083580822f0f34e1c46e1789daf1246f75a848f630e84ac121d8ee2cf0ff9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
132e1f9fb660f92545f8749a9d944bb18fd87e4cf5b764b061c27f1a0a1c4905
1365fa619a7c788ab7a1d7ef67476b8de0df0c42ccde49989a0abbc842b21e62
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ff7b213205a222f0d65910ba605a494f9c170eea55465474e3cea515a352126
20438aa0ec489547807587826ee4f31f93ad314ff69c0f08a8eb1e1b8699b640
241d80503f2c90bbe544d429b1eb12199f5e5e120119341dcfafdb448f637c49
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
28464c54c5db75e366299c259aea8a393bc179a9dd2c9055b1502d7c071483c6
294bb0752943f8f53fa73cb8bd0932e48f0afcadc039807430b8425cbf6a0bd8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3446ac4fc8a3d78b8615176c34a3d5756f6b6ce11cafe4ee5557502675cc67d9
353e93f031f0ca3e90ace413679b480d7c2c770fe46091b22ffaa5eca06ea628
357a8d96b7787fca8fd0b3591bdb3c5e65b33a61f3cd2f2cb5546002aa31dc5d
381fa71f2506f4fca308444f6dc236fea1dedf9d39cd7de82bb5f7332a0e1ee1
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39b8040e99ed258fdd8d51bbf92cc9bb8ce8a68809fae8e91253971479dd8bff
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2a076c8661dcf8ec45add7b5bf57851e3a5621dbc800af489b753695b3c43a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff3533327d1118f3cbfc3d990854d028d64849760c1ac7d05d0332e152ffd94
404936cffcfb25e5018f32939949071ac7c91990a701ca530343b26b48ced382
40d90a3d2eeb74d807d69c4935de62d6be955d4e67c862a97562cd42f27bb78a
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43cdbb1985231afab309de0be719ef8fe3a81228be641de8b454d1127209f6a7
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45cefc58eaa0637981e03ce0df66ab89809f8327886b1444c239b1ef3d6e4ac4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47d56ff305d414c0e55714a315d2c88cd5aee13d0634c23e61344b23c2b337b1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ac6d7113fc6c011230f1200f4640d550d5564720ff096055bf2c49cc54addb9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c5d4728483f4b2d31fbd3e11c2818b988c86d3e3195248ec8d93923bc148bbb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f7c65b5a45011683644475dcc32160c80f52fe466100efff255b3cacd3a1987
51f28f9784abf00df842d30c92f765a3f393356306553e320c3ebaa1f1d60491
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
567aa7a7b70f17e0c68e874ff1100f2c14e99438a75ef7c09d33953c9d5d817d
58cc196d11d355db996638034106778ef7c5cb20a7122783ae9b85f1ccda8e90
59d28c947bc16ddcd238e84fc9ee0a23fa5565a08c05496df32a5fa41430323d
5bd35e57f11c9d87c7f5d0ee7c43439ba12a4598e7f7fbfcca056e93d532660a
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64a4ed8872228e80f2ef6519ae6f19200ddd5da2670cdbcb30eeb8ac46e09a63
6856edfbdc4a824905517637532686119bbf7aa062eb146afd10ab29ce846c06
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b923440366626dfc600c9bf97a330b2f70435f451f8cb90133ccbbad952358f
6c200f99eac66fdf4ca9a9817fdcd86c48ca228f25e593462e11a980659a189d
6c9ca839edaf16bccf0b0b10a6cb631f5c3837c14bb19a8ce3db802a26dcf26b
6feedee0b3ff656231324e97f80eac7feb981ba46b89187f0daaa9e058e6f6b9
7116522d6277895ddf41ba03a799f251ff4717cbc8443b4f5e177ac2def9181a
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
727d16acc2cffca6fbc1c1e172bea9b8f24eac8693f331b1a3f2fde7cc89c03b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7536ce4b903fb328a063cf32a41e07cfc78fcf5c50008641abf706c5f8351ab7
76999675936cd1671b6f1a05eaffeb6a34d1d2fc346d4e7c1f4793ac0631591b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79e3cd6cc7210d3f5227953e33e19bab05211c37e1f40fe49f2c644fbb9ee32b
7ae4c978fe0997597c99e7c7c5f4062280aaa344768ff6022ac6115d3d40a49d
7d00bc067a02295551266eab922aba57fbe28fa953b00c571e3d804163df1b45
7efacbeeeedabd529af6444202d3be0ce97d369e2bc4434acaa335dd92abe390
802c58c000f93a53f77bce1b6967ac5f36bc7295303fd9162bb20834dc881baf
80567e417e36a09a448415079f0ff2bc4b2775b6b8d8b2cc9057164ea3af62ef
8154473680346ab110fbf3589e01df7b535b70190f342c5234881ff888e7b37a
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
87371180f5fcd7949401f3dd0159417f0863a778eeb744095df331dc37bb502d
875701e9efd7d7fc0405df7b9b918421bf61ad9e0be8d2a394e26e3e5e4f2dcc
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b29b863bdca3f988cd43eb05e7f881f256b9cd52fd819ffe743ee56dae1d1b8
8b922db515436acccbef2e6f963fadc44016620a4e22dd0e66c2358cf72dedcc
8c4fc04634a28970e4a08a3f3a9e5b605fe4bafbc4a91ba48ecd48a486a61825
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
919266c6589f6572e5c0985fe06bb09c9f4a8eb468c27602429aa07329f34f37
968e5eba51f1ee800cbd6720efe0cf8a0503f7abc30fe090ccf60c3a8f1c963c
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00c2435d3641f05cf8654bd0f2bb96e4334c66720dd4a0cfd6ab306dc2547ac
a0b824fb00f0c50b765512317bc0e93daa203d1b9e2916dad6827fa5fbf45fe5
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a4af3ea6ff18bab36043bbb0c7de1d9e01150241334ceab412c9fe4b8961c2f7
a9ad45fa6d1bbcac41a6b5b4c7ac1b5a3a5582e0550c64cccb7d60d27dbc6e1c
aa863b1f24ed086ab7aa5de96df09eb6587c469c752a797c4ee0ff85d1f5fac0
abd3328d01e4d867f4f56d97288fe35e273103f3cef7d6785d3f550c738dbd49
abd782f99ce8a0e8c96b45aa2e1566398cc237b948c637addc07d7d7be72cbdb
ad66eff437ac9c1c4d663af26bd954b98c274868e22c101a14297ba83be735a2
b06875c6f25ceff58bc6dcf0154717551e6e607cd1ae23fd67d3b15e0bcad5f3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c54fbcc70bd544f4d89d3ea3f738cbbb939e1cd1bd2335172235723ca676ed
b7ed831a8c6054fb3af22526178cc860b9b5bc53afe2172d8b03e0cccabac3a4
ba24896725c75f555776ee09b1ba000865f1c59b82098d665b893685fc528e79
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb33577c51e27e7bde74ced8e82cc34aa741ed95e8bff52919527105e8b3a5a7
bceff1a9d286d3194baea0665f1bdb84e1cceb0b8bd2cecfdfbc963626b48190
bf9e471ad5b9814c0e839a3b3a238c2455ad13886e8f85bf5468fd06182b6313
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c967863004cd438b5c4a79eda36e78e4bc53870a196b00426c5eea50fc15c374
cb85eac28aac3a5eadfae1987d8a85466173cd1ab80dc64491ff512982343d79
cd0e2eaa3ec95e9399129e0f9d3282c18650afbbd9d248a4ecc1e2c3ba0084ca
d356a2420119ba1e1094ea5528809b643a054dfa9481f6d5c18aa3028156148b
d3ab5f1569d7c7492be2ec103f023fecd73113f00dfe0b456fbfc38bda1f0de7
d51e3cec7853e819eb646d126545ae8d3792a48e3849c4fcb5af41e6aca92500
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
dad622ecba07a2ca8bc1ecfedc9c5ef62675d26e8faa0b41d1d71e50677e1d5c
db767c8040e35c989435efa49c01a18b92aa75c60b6c37c924288ecff2a19fb9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df132526a4b911ac18910ada4b3f3cd57ec5b42e1680ea30765bcb8fd45e237b
e073b62a5bf693168414d9215125147580b57596cf098ed4720acb46382208a5
e3328cc9c73a6bccd3519e40902a9ba1aa0f0ac5e9a4fe38d328f08a4afd6f7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bd0f5797f0ca557016430f65ee5b887dd0adcf369c0e812a4970f85f75f246
e7dc2d96e7b17036114e965bc4fd20227f0285f0e0a7530015fb57e6ee3a959c
e8b63550d4bffc7e0f4a72b019a88e548567a0820b912b6bd5efa3f0de29a9eb
ed5413685378401839d0b05c232052d58018dc1a581d0db1411af0cc57e5e57e
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
eeea33ea41591acd8282ffa0c35f3ebf52f3399bb017e83105f72961dcac68e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff63b5eee728ea6cc6b8f8553b7afbb3f09a1c60b1ce22b1ac41386068373c1
f0e161ef29e72de0ae119f8f2d6fe074c904c5d9d6a11d90c5ca572c2df98db3
f0f5152bbe44ff19f51dea98aa045e22649d99fa38dc00e62ad336a1b0936af8
f481f0672c684da577cae9c6dfddcefe1498a674d1df36b7198388ffb1478f82
fa97f9309fdbf4f72536b0ed0f65cf23e21f52f81a9c6d1c716091b2eebed821
ffb80624264fb2038baf8456a09804e1e009afe7d642235beaf65dfea1de6fae