Submitted URL: https://www.updowntoday.com/
Effective URL: https://updowntoday.com/
Submission: On March 07 via api from US

Summary

This website contacted 54 IPs in 10 countries across 58 domains to perform 173 HTTP transactions. The main IP is 3.126.196.163, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is updowntoday.com.
TLS certificate: Issued by R3 on February 9th 2021. Valid for: 3 months.
This is the only time updowntoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 41 3.126.196.163 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
6 142.250.186.66 15169 (GOOGLE)
1 143.204.209.27 16509 (AMAZON-02)
1 3 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
2 51.89.9.251 16276 (OVH)
1 3.124.142.110 16509 (AMAZON-02)
1 178.250.0.165 44788 (ASN-CRITE...)
2 5 185.33.221.90 29990 (ASN-APPNEX)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 136.144.59.88 54825 (PACKET)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 18.156.95.187 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 63.33.123.138 16509 (AMAZON-02)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 54.36.109.166 16276 (OVH)
2 2.18.233.180 16625 (AKAMAI-AS)
1 151.101.113.108 54113 (FASTLY)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
2 2 213.155.156.168 1299 (TELIANET ...)
1 21 185.64.189.110 62713 (AS-PUBMATIC)
1 54.228.192.197 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 188.165.137.78 16276 (OVH)
2 2 213.19.147.150 3356 (LEVEL3)
4 4 52.16.108.17 16509 (AMAZON-02)
1 1 213.19.147.151 3356 (LEVEL3)
1 173.231.180.197 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 2 199.232.137.44 54113 (FASTLY)
2 2 3.127.92.82 16509 (AMAZON-02)
1 2 35.227.248.159 15169 (GOOGLE)
3 7 142.250.185.98 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.106 62713 (AS-PUBMATIC)
1 159.253.128.183 36351 (SOFTLAYER)
2 2 37.157.6.251 198622 (ADFORM)
1 1 185.29.133.52 30419 (MEDIAMATH...)
2 2 18.156.0.31 16509 (AMAZON-02)
2 185.64.189.114 62713 (AS-PUBMATIC)
1 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 2620:116:800d... 16509 (AMAZON-02)
3 3 18.195.54.133 16509 (AMAZON-02)
2 2 3.125.253.138 16509 (AMAZON-02)
2 2 151.101.114.49 54113 (FASTLY)
1 1 66.155.71.25 13768 (COGECO-PEER1)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f00... 32934 (FACEBOOK)
1 1 35.186.193.173 15169 (GOOGLE)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 52.57.49.235 16509 (AMAZON-02)
1 18.180.1.224 16509 (AMAZON-02)
2 2 35.205.207.25 15169 (GOOGLE)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 108.161.188.192 33438 (HIGHWINDS2)
1 142.250.186.34 15169 (GOOGLE)
173 54
Apex Domain
Subdomains
Transfer
41 updowntoday.com
www.updowntoday.com
updowntoday.com
105 KB
28 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
47 KB
26 googlesyndication.com
782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
ade.googlesyndication.com
94 KB
15 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
154 KB
9 bannerflow.net
c.bannerflow.net
96 KB
7 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
2 KB
6 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
22 KB
6 google.com
adservice.google.com
www.google.com
1 KB
5 ampproject.org
cdn.ampproject.org
99 KB
4 adsrvr.org
match.adsrvr.org
2 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
2 KB
3 gumgum.com
js.gumgum.com
g2.gumgum.com
rtb.gumgum.com
37 KB
3 ezodn.com
go.ezodn.com
ezodn.com
g.ezodn.com
170 KB
2 avads.net
ads.avads.net
613 B
2 3lift.com
eb2.3lift.com
942 B
2 2mdn.net
s0.2mdn.net
41 KB
2 googletagservices.com
www.googletagservices.com
62 KB
2 dotomi.com
pubmatic-match.dotomi.com
dclk-match.dotomi.com
207 B
2 everesttech.net
sync-tm.everesttech.net
724 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 adform.net
c1.adform.net
823 B
2 fiftyt.com
visitor.fiftyt.com
990 B
2 semasio.net
uipglob.semasio.net
1 KB
2 tapad.com
pixel.tapad.com
616 B
2 w55c.net
pm.w55c.net
2 KB
2 taboola.com
trc.taboola.com
match.taboola.com
560 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 criteo.net
static.criteo.net
51 KB
2 gstatic.com
fonts.gstatic.com
60 KB
2 ezoic.net
g.ezoic.net
133 B
2 googleapis.com
fonts.googleapis.com
2 KB
2 google.dk
adservice.google.dk
2 KB
2 onetag-sys.com
onetag-sys.com
1 KB
1 bannerflow.com
shared.bannerflow.com
76 KB
1 adingo.jp
cc.adingo.jp
44 B
1 adkernel.com
dsp.adkernel.com
233 B
1 ctnsnet.com
gcm.ctnsnet.com
481 B
1 atdmt.com
ad.atdmt.com
1 KB
1 playground.xyz
ads.playground.xyz
485 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 sitescout.com
pixel-sync.sitescout.com
337 B
1 quantserve.com
pixel.quantserve.com
542 B
1 turn.com
ad.turn.com
518 B
1 mathtag.com
sync.mathtag.com
680 B
1 simpli.fi
um.simpli.fi
609 B
1 zeotap.com
mwzeom.zeotap.com
594 B
1 contextweb.com
bh.contextweb.com
461 B
1 adgrx.com
cm.adgrx.com
408 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
650 B
1 erne.co
green.erne.co
327 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 bidr.io
match.prod.bidr.io
430 B
1 id5-sync.com
id5-sync.com
927 B
1 a-mo.net
prebid.a-mo.net
764 B
1 advertising.com
ads.adaptv.advertising.com
216 B
173 58
Domain Requested by
40 updowntoday.com updowntoday.com
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
updowntoday.com
tpc.googlesyndication.com
cdn.ampproject.org
14 simage2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
9 c.bannerflow.net s0.2mdn.net
c.bannerflow.net
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
www.googletagservices.com
7 cm.g.doubleclick.net 3 redirects 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
7 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
6 securepubads.g.doubleclick.net updowntoday.com
securepubads.g.doubleclick.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 match.adsrvr.org 4 redirects
4 ib.adnxs.com 1 redirects go.ezodn.com
acdn.adnxs.com
3 x.bidswitch.net 3 redirects
3 www.google.com 1 redirects updowntoday.com
3 gum.criteo.com 1 redirects static.criteo.net
3 adservice.google.com updowntoday.com
securepubads.g.doubleclick.net
2 ads.avads.net 2 redirects
2 eb2.3lift.com 2 redirects
2 s0.2mdn.net updowntoday.com
s0.2mdn.net
2 www.googletagservices.com securepubads.g.doubleclick.net
updowntoday.com
2 sync-tm.everesttech.net 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 c1.adform.net 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 pixel.tapad.com 1 redirects image6.pubmatic.com
2 pm.w55c.net 2 redirects
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 ads.pubmatic.com go.ezodn.com
ads.pubmatic.com
2 static.criteo.net go.ezodn.com
static.criteo.net
2 fonts.gstatic.com fonts.googleapis.com
2 g.ezoic.net updowntoday.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.dk securepubads.g.doubleclick.net
2 onetag-sys.com go.ezodn.com
2 mug.criteo.com updowntoday.com
1 ade.googlesyndication.com
1 simage4.pubmatic.com ads.pubmatic.com
1 shared.bannerflow.com c.bannerflow.net
1 cc.adingo.jp 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
1 dsp.adkernel.com 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 dclk-match.dotomi.com 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
1 ad.atdmt.com s0.2mdn.net
1 googleads4.g.doubleclick.net updowntoday.com
1 rtb.gumgum.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel-sync.sitescout.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 ad.turn.com 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 match.taboola.com image6.pubmatic.com
1 trc.taboola.com 1 redirects
1 bh.contextweb.com 1 redirects
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com image6.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 green.erne.co 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 match.prod.bidr.io image6.pubmatic.com
1 dis.criteo.com image6.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 acdn.adnxs.com go.ezodn.com
1 id5-sync.com go.ezodn.com
1 g2.gumgum.com js.gumgum.com
1 googleads.g.doubleclick.net
1 prebid.a-mo.net go.ezodn.com
1 hbopenbid.pubmatic.com go.ezodn.com
1 bidder.criteo.com go.ezodn.com
1 ads.adaptv.advertising.com go.ezodn.com
1 g.ezodn.com ezodn.com
1 js.gumgum.com updowntoday.com
1 ezodn.com updowntoday.com
1 go.ezodn.com updowntoday.com
1 www.updowntoday.com 1 redirects
173 86

This site contains links to these domains. Also see Links.

Domain
g.ezoic.net
Subject Issuer Validity Valid
updowntoday.com
R3
2021-02-09 -
2021-05-10
3 months crt.sh
*.google.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-05 -
2021-08-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.gumgum.com
Amazon
2020-11-14 -
2021-12-13
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-01-30 -
2021-04-28
3 months crt.sh
onetag-sys.com
R3
2021-02-10 -
2021-05-11
3 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2020-12-26 -
2021-06-22
6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-03 -
2022-02-19
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2020-12-07 -
2021-12-14
a year crt.sh
*.a-mo.net
R3
2021-01-11 -
2021-04-11
3 months crt.sh
*.google.dk
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
misc-sni.google.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
www.google.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
ezoic.net
R3
2021-01-23 -
2021-04-23
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-01-30 -
2021-04-28
3 months crt.sh
*.id5-sync.com
R3
2020-12-26 -
2021-03-26
3 months crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-29 -
2021-04-14
5 months crt.sh
*.match.prod.bidr.io
Amazon
2021-02-26 -
2022-03-27
a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-24 -
2022-03-26
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA
2020-10-05 -
2021-11-06
a year crt.sh
*.semasio.net
Sectigo ECC Domain Validation Secure Server CA
2020-03-09 -
2021-03-27
a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA
2019-09-18 -
2021-12-12
2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2020-10-30 -
2021-04-27
6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2019-06-19 -
2021-08-31
2 years crt.sh
*.doubleclick.net
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA
2021-01-29 -
2021-04-28
3 months crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA
2020-12-22 -
2022-01-05
a year crt.sh
*.adingo.jp
DigiCert SHA2 Secure Server CA
2020-03-26 -
2021-04-15
a year crt.sh
*.bannerflow.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-10 -
2022-03-13
a year crt.sh

This page contains 26 frames:

Primary Page: https://updowntoday.com/
Frame ID: 02F967830CD0E70C4F7A6ED119CB55F5
Requests: 73 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: C2CA600DA116099EDEEF160C8DCE5DA7
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 5D7711FF443A7F003F276F75B9A755B4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=updowntoday.com
Frame ID: 092D071E96FD168C46255BFDEF826FA4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 963B80C3EA58D210CB92524381592663
Requests: 25 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1615098506834&us_privacy=1---
Frame ID: 5BF5E996AF8F03DBD2C7630129EADDA6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9C00FADA02D071976696D03E838D29E9
Requests: 3 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: BC10928FF44B505B022F2AB7C99C1327
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3074622870793750158
Frame ID: 7A8D871A5578E28C9A597F9BCD346EB2
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: 5DB31C30F8F07BF5B965543C0CFB7B15
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936795280274421906
Frame ID: 85AF3FC831562A1C3B16C076D8827974
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ZvJmEbOj0ZjeaKdnNqPYWbhk
Frame ID: 23CE8F11161D167CDBF12098B3A397B2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003
Frame ID: B8BB5C9937B45B9542B09B69870E8A28
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: C161CBFD082B295A8706C816545E8D31
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B5803ACBB8D1A8E2B7F3EF1F2619C77B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lki5Y6yQfUDI&pid=557219
Frame ID: 89BF809E5DA7D00C688A12ED5549F5FE
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: CC67B66FAF2B0740E3246F4595AA3AEA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kHqSR4yc1LiMTY5&gdpr=0&gdpr_consent=
Frame ID: 98DE94FC552A5A30A6E0B53BC75F010C
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: AA62C779712AFED1914AC769BF8E6435
Requests: 1 HTTP requests in this frame

Frame: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 0969B3F056385B129C175271A45D0E1A
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMzFrLTYzT5sc6cWN7eVcWFFow5aDZnsLttXvvNcFNkcwulMKMjgApNKxzIFtX4EAVh2rAcmakliYnd9gjuY_aYxgJAFHwFyqOGAXjobIZjSpPbI54PvKuOVbUyA9Smhv4WSwtGA4l5RsLzG8ivBeCpL8fYDAqK0-5l1xLY9g3ORIVhJJ3Ot2yMfPjfTBjxWXp0MT0oSZoi3SgO0xGltzKa04ZJ261IsHCOULOJLy1Zb5wcOyOPi5TrRAV1bNn5hFfdfiHwYhofiVKliY4FoOfQblUn87jvNqPPdzq_PG3fG8NU2hMOpgvHa32zP65eTIeZSZAXiH8vXbD8QZMZ3WM4IQ4Zr735gqkB2ZH23uUQCd3wMJApxpgD1PjGrK5YehYp2f_jdnvoeoDgOfWZRn_Ri2sETf0y5rQIP4he3Twz-kcJBnqqhVvhAbdVOrU6iXKHwF3YiqrnNae79Ha3tKvGZuUKsTIcb1NqBWtyc9qCMchbRql_xDgocuUTf2qAJOC_NAG_AIL3ok0v8a6b3rT2ijxvKe3hGEQx1FuryuaY_y-GmXW7VgSZp0pmPLoL7831AKBT8qH7pcKae5xUPp8crYJS36-N9rIH2MqabAWDQXt5r6AUMFtMG379baFYLPe0jQFA4epaNQvGBOgKcvUngl3pZTaLq9WR7jKvb11GsEiHmtABPLyHVzX01U-CchT1x3xvgm2SNWTVf5Dax-CUtH94GzusLlWkW1ugoYx1pFZlKHNgxErsbK2f5bNHFj6-14baljW43nPz-_aSsIA6G0gLqoiCk6oME3ElxJGOnc6yUgddxyPFUSUR1P4PXPUp3w2SxN3T1T8AnUMNZse3aveEvW13J0vzc5dtFdBQIZCQvyIsVoFim3b2u4W7otkIcevZhrO8NVdChJv_lL9BW-dlTPLcmL0iJo48goI-zqKu40LtPrx9sBVpCzLOSnIhpYNyZLyzDOLppvzim0H5NgrTOneo_7P8Fclrgc72mVjK8dqiiL5CYuFxHrtlF37xHZciVnZTSUfrKPs5o2J70NdcU8KhC74FXqsY2G2EfaUtZBmbb7c3fWkGI23NTc64vGiXAlegJs3eBI0NFwdxMeDfYMgx7AfiwndPh_LZlRaWya7&sig=Cg0ArKJSzIT1cvUvdMEbEAE&urlfix=1&adurl=&tpd=AGWhJmvBvQD95OW1m-5oJoqrvdVSzGWaOCweb2SpzI_w5IwGog
Frame ID: DD075476F97E0DE869C9792F649E269B
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 288C553F33C2F72E1CE5246C720DFD3F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A22DBD67F6A303A06598C976F14F1B90
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/8240968/1613993611088/DK_Stocks_Track4_Tools-Denmark-728x90-637495904097655833-c7a4f078-f6bd-4ffb-a5ae-c84156c94b99.html
Frame ID: 82DC9B59D48CE56D40C7DCC2B6998943
Requests: 10 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ae8ec1df-88f9-4ce2-a73b-9034d02f3b5f.svg
Frame ID: EC8891E357AB95DA869FE94B6BFD5740
Requests: 1 HTTP requests in this frame

Frame: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Frame ID: FF5FC35CB6BC544323598E8CCF51DBC1
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.updowntoday.com/ HTTP 301
    https://updowntoday.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

173
Requests

100 %
HTTPS

30 %
IPv6

58
Domains

86
Subdomains

54
IPs

10
Countries

1123 kB
Transfer

3270 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.updowntoday.com/ HTTP 301
    https://updowntoday.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fupdowntoday.com%2F&domain=updowntoday.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Eq1vgHxEUG1aVGdnMWt5Q1FXaUFPK2YyckkrT0FjSjFPVWNyZ0tKdEVlQ3ZNQXlQVm5sSHhuc3FBNFVzUFYrdkRNZjhBbmhsM1cyQXZSai9oeFgwWWxSV0hnNzk5TzBuc0E4TFFpNmp1WVhYOGs2eWxxSTJXK201SlR4dEMyTU9uZWFVWkR4dlBrUXFJNE5QNGFQcXZvZFZFZlF4NFMyVC9QcjY3bjlBTEN4bXY2NktuUlRxMWROclZXWXFnV0J3cVd3ZUlZUnh4Y0RqYjkvSVJjSmJEMHpzWlJlTTVZN05iT1pBQ0VkS1JLRUpsTEZZPXw&cppv=2
Request Chain 61
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 85
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3074622870793750158
Request Chain 87
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936795280274421906
Request Chain 88
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ZvJmEbOj0ZjeaKdnNqPYWbhk
Request Chain 89
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2286571566 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2286571566 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/9400d0a6-6d95-4fb4-ae38-df41363d79b3 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-fd57fb60-4f54-4893-b992-2cff0edacf13-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003
Request Chain 91
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 92
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lki5Y6yQfUDI&pid=557219
Request Chain 93
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 94
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kHqSR4yc1LiMTY5&gdpr=0&gdpr_consent=
Request Chain 95
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 96
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Itq5rfiaSCe7p8T1Megy5Q%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 98
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 99
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&addseg=29
Request Chain 100
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjJEQUI5QUQtRjg5QS00ODI3LUJCQTctQzRGNTMxRTgzMkU1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGtPq5ZxXgvtgrkxWuiflD8&google_cver=1
Request Chain 103
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8772386290146331978
Request Chain 104
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c1e76044-728e-4400-959a-508e20d6ff1d&gdpr=0&gdpr_consent=
Request Chain 105
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bd2cb31b-3cf7-4af4-9090-767825de08c9
Request Chain 106
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4750522130641813616&gdpr=0&gdpr_consent=
Request Chain 107
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GCFl2DF1l2L12xEJqsFcBifD0HWdq60-&gdpr=0&gdpr_consent=
Request Chain 109
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8083888559215874712&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 110
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH
Request Chain 111
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=7e39e1a5-3c3b-43a7-aaad-6ff9daec56d7&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 112
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YERyjgAAAFoZlyzr HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YERyjgAAAFoZlyzr&gdpr=0&gdpr_consent=&_test=YERyjgAAAFoZlyzr
Request Chain 113
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 115
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:eb00ed22-2463-4646-9976-a34416e630a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 116
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4750522130641813616
Request Chain 117
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7dd6db99-52dc-4d27-8923-0ae385b067bc
Request Chain 140
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDqBA_Nd61XBKiw0iTwIyko&google_cver=1&google_push=AQvitUI7ZCa3hL-uwho6PfRT1FcrSZ2E9iHsbO-2tWFqIP4K3sla4J78PFAG1rH_qcCFA0Eys0qcFLlDVT_wlR6jCVTkxHBU6jukCw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUI7ZCa3hL-uwho6PfRT1FcrSZ2E9iHsbO-2tWFqIP4K3sla4J78PFAG1rH_qcCFA0Eys0qcFLlDVT_wlR6jCVTkxHBU6jukCw&google_hm=7JCr4RXfSKKr1IY395PNCOs
Request Chain 142
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFATjFetkkBL9lQ096M45to&google_cver=1&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_JnovlvG6_A8Cz5jML9FIyte3o-OFtWZ31KEapohhtHq3 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_JnovlvG6_A8Cz5jML9FIyte3o-OFtWZ31KEapohhtHq3&google_gid=CAESEFATjFetkkBL9lQ096M45to HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIwMzY5ODA4MjE4NTM1MDA0NQ%3D%3D&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_JnovlvG6_A8Cz5jML9FIyte3o-OFtWZ31KEapohhtHq3
Request Chain 144
  • https://ads.avads.net/sync/ggl?google_gid=CAESEG5-0gevhPLECE61pOwQMO8&google_cver=1&google_push=AQvitULK-uDcCcEpHvCrlr2__YunlaDeIzzYhcs0AEe5i9PO3OTgAXquQcOqwDNCIaqAgO21jxlEH-W0ueBaYqOjmjSPB_JfWIKIUq8 HTTP 302
  • https://ads.avads.net/sync/ggl?google_gid=CAESEG5-0gevhPLECE61pOwQMO8&google_cver=1&google_push=AQvitULK-uDcCcEpHvCrlr2__YunlaDeIzzYhcs0AEe5i9PO3OTgAXquQcOqwDNCIaqAgO21jxlEH-W0ueBaYqOjmjSPB_JfWIKIUq8&av_tc=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YmNjZDM3YTYtMTFmZS00MjJmLTg4YzYtZmVkNjc0NDBkNjcy

173 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
updowntoday.com/
Redirect Chain
  • https://www.updowntoday.com/
  • https://updowntoday.com/
86 KB
25 KB
Document
General
Full URL
https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
40b47f8f2a8aa15e80567ce7d818f9b3a51c99adb6ef60f61fbc475c316166fa

Request headers

:method
GET
:authority
updowntoday.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
max-age=0, must-revalidate, no-cache, no-store
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 07 Mar 2021 06:28:26 GMT
display
pub_site_sol
expires
Sat, 06 Mar 2021 06:28:26 GMT
pagespeed
off
pragma
no-cache
response
200
server
nginx/1.16.0
set-cookie
PHPSESSID=i37r9g1esibaed7fvd67ankq45; path=/ ezoadgid_244871=-1; Path=/; Domain=updowntoday.com; Expires=Sun, 07 Mar 2021 06:58:26 UTC ezoref_244871=; Path=/; Domain=updowntoday.com; Expires=Sun, 07 Mar 2021 08:28:26 UTC ezoab_244871=mod54; Path=/; Domain=updowntoday.com; Expires=Sun, 07 Mar 2021 08:28:26 UTC active_template::244871=pub_site.1615098506; Path=/; Domain=updowntoday.com; Expires=Tue, 09 Mar 2021 06:28:26 UTC ezopvc_244871=1; Path=/; Domain=updowntoday.com; Expires=Sun, 07 Mar 2021 06:58:26 UTC ezepvv=0; Path=/; Domain=updowntoday.com; Expires=Mon, 08 Mar 2021 06:28:26 UTC lp_244871=https://updowntoday.com/; Path=/; Domain=updowntoday.com; Expires=Sun, 07 Mar 2021 08:28:26 UTC ezovid_244871=1600165624; Path=/; Domain=updowntoday.com; Expires=Sun, 07 Mar 2021 06:58:26 UTC ezovuuidtime_244871=1615098506; Path=/; Domain=updowntoday.com; Expires=Tue, 09 Mar 2021 06:28:26 UTC ezovuuid_244871=dfb08f56-a679-467b-75a5-afe5ed673475; Path=/; Domain=updowntoday.com; Expires=Sun, 07 Mar 2021 06:58:26 UTC ezCMPCCS=false; Path=/; Domain=updowntoday.com; Expires=Mon, 07 Mar 2022 06:28:26 GMT
vary
Accept-Encoding User-Agent,Accept-Encoding
x-middleton-display
pub_site_sol
x-middleton-response
200
x-sol
pub_site

Redirect headers

cache-control
max-age=0, must-revalidate, no-cache, no-store
content-encoding
br
content-type
text/html
date
Sun, 07 Mar 2021 06:28:26 GMT
display
staticcontent_sol
expires
Sat, 06 Mar 2021 06:28:26 GMT
location
https://updowntoday.com/
pagespeed
off
response
301
server
nginx/1.16.0
vary
Accept-Encoding Origin,Accept-Encoding
x-middleton-display
staticcontent_sol
x-middleton-response
301
x-sol
pub_site
content-length
101
integrator.js
adservice.google.com/adsid/
107 B
553 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=updowntoday.com
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
dall.js
go.ezodn.com/hb/
257 KB
75 KB
Script
General
Full URL
https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:59e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd91996ae2e8edb6395b041cc66625a0c1e02a322e90ff0a7c208f8b8f6d4157

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
341990
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZGvIhNEuKHqK9CnIN5htuMGYUXxP7qguMkl3DZULfpr48Q2mFIuOF9oxcQ4L0oLUZeBWhhJ7sF%2B7YcdlSONtM2x6zer%2B07jUp%2Fan4W3uoF78xQw9TojjobE%3D"}]}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
62c1c3819a5405ed-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08acf884ff000005ede3358000000001
boise.js
updowntoday.com/detroitchicago/
983 B
518 B
Script
General
Full URL
https://updowntoday.com/detroitchicago/boise.js?gcb=192-0&cb=1
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
426
style.css
updowntoday.com/pages/desktop/
13 KB
3 KB
Stylesheet
General
Full URL
https://updowntoday.com/pages/desktop/style.css?1615098506
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
909dde01f9dbb1039af7e3bb99e8e90a0d6e1831d1e056121b2c092b8966abe5

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
response
200
last-modified
Sun, 07 Mar 2021 05:11:19 GMT
server
nginx/1.16.0
display
staticcontent_sol, orig_site_sol
etag
"603f7571-3480-gzip"
vary
Accept-Encoding, Origin,Accept-Encoding
content-type
text/css
x-middleton-display
staticcontent_sol, orig_site_sol
cache-control
public, max-age=2592000
x-middleton-response
200
x-sol
orig
content-length
2683
jquery.min.js
updowntoday.com/jquery/
85 KB
29 KB
Script
General
Full URL
https://updowntoday.com/jquery/jquery.min.js
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
response
200
last-modified
Sat, 06 Mar 2021 06:45:21 GMT
server
nginx/1.16.0
display
staticcontent_sol, staticcontent_sol
etag
"5bd592c0-15283-gzip"
vary
Accept-Encoding, Origin,Accept-Encoding
content-type
application/javascript; charset=utf-8
x-middleton-display
staticcontent_sol, staticcontent_sol
cache-control
public, max-age=2592000
x-middleton-response
200
all.js
updowntoday.com/jquery/
501 B
391 B
Script
General
Full URL
https://updowntoday.com/jquery/all.js
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
33302d9da48d1fa1f5ce3548ebf2930999bc9542488997e19cb2fe9ac284273c

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
response
200
last-modified
Sun, 07 Mar 2021 05:25:23 GMT
server
nginx/1.16.0
display
staticcontent_sol, staticcontent_sol
etag
"5f96ddd7-1f5-gzip"
vary
Accept-Encoding, Origin,Accept-Encoding
content-type
application/javascript; charset=utf-8
x-middleton-display
staticcontent_sol, staticcontent_sol
cache-control
public, max-age=2592000
x-middleton-response
200
content-length
218
augusta.js
updowntoday.com/detroitchicago/
1 KB
609 B
Script
General
Full URL
https://updowntoday.com/detroitchicago/augusta.js?cb=4
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
73659609288d7036477f63d33e6c3e8575c40a6a1c849b6153b4bd7e0baf710f

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
573
altconsent.js
ezodn.com/cmp/
396 KB
93 KB
Script
General
Full URL
https://ezodn.com/cmp/altconsent.js?v=8
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a5bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2b92530616ddbefbed0e825e094cd914f17ae899b42152f17028a0073f5eb62

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 02 Dec 2020 23:21:46 GMT
server
cloudflare
age
282429
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T6lPQeTh7%2BQh5k2cdII3Tj5jfmKqxMCw%2BCqNcreQJATSBuhX9stWTCzHytVY1QWse2ffdcAWjaqZTfLnb%2BIFcCMT8HBAta091JXZhdCpb4et0I%2FCSOE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
62c1c381aed64e4a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08acf8850b00004e4a4aa54000000001
ezcl.webp
updowntoday.com/utilcave_com/inc/
1 KB
690 B
Script
General
Full URL
https://updowntoday.com/utilcave_com/inc/ezcl.webp?cb=4
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
x-sol
middleton
server
nginx/1.16.0
display
staticcontent_sol
vary
Accept-Encoding, Accept-Encoding,Origin
content-type
application/javascript
x-middleton-display
staticcontent_sol
cache-control
max-age=86400
content-length
605
houston.js
updowntoday.com/detroitchicago/
3 KB
1 KB
Script
General
Full URL
https://updowntoday.com/detroitchicago/houston.js?gcb=0&cb=36
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
08375cebca0d36f2fa3ec9e027a974146af7161553e4319a418d4cee6b38bed7

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
1153
gpt.js
securepubads.g.doubleclick.net/tag/js/
58 KB
20 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
f8e041458975e71884aecd7832fab1a496aff1c38af68dbe47f7e7c084a7b6f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"804 / 715 of 1000 / last-modified: 1614985959"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19793
x-xss-protection
0
expires
Sun, 07 Mar 2021 06:28:26 GMT
banger.js
updowntoday.com/porpoiseant/
50 KB
11 KB
Script
General
Full URL
https://updowntoday.com/porpoiseant/banger.js?cb=192-0&bv=8&v=45&PageSpeed=off
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
82c8dceb6b0ac37e43dd6870591ed3a1025fe642ffc706a9a116027c600806c7

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
server
nginx/1.16.0
cache-control
max-age=31536000, public
x-robots-tag
noindex
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
memphis.js
updowntoday.com/detroitchicago/
5 KB
2 KB
Script
General
Full URL
https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
1b68431bd479f66f60cca8fef9520547c0f28390680174d8b36c5591085e8393

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
1514
minneapolis.js
updowntoday.com/detroitchicago/
864 B
452 B
Script
General
Full URL
https://updowntoday.com/detroitchicago/minneapolis.js?gcb=192-0&cb=3
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
419
raleigh.js
updowntoday.com/detroitchicago/
2 KB
804 B
Script
General
Full URL
https://updowntoday.com/detroitchicago/raleigh.js?gcb=192-0&cb=5
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
f69dfe383fe0ef66df2c8de098fda546a826801c150ec22e7e09b8020b221dae

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
771
tampa.js
updowntoday.com/detroitchicago/
773 B
440 B
Script
General
Full URL
https://updowntoday.com/detroitchicago/tampa.js?gcb=192-0&cb=3
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
c80203c7eae413cecc09a4ed0974e31a8538060cddd5bc1f1a5bfa53db672c9e

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
407
logo.svg
updowntoday.com/images/
5 KB
2 KB
Image
General
Full URL
https://updowntoday.com/images/logo.svg
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/pages/desktop/style.css?1615098506
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
89bf3de8570a10482ca91e099cef7e17d0d7d3c79cea977d13b48d76d77400c3

Request headers

Referer
https://updowntoday.com/pages/desktop/style.css?1615098506
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
response
200
last-modified
Sun, 07 Mar 2021 03:11:25 GMT
server
nginx/1.16.0
display
staticcontent_sol, staticcontent_sol
etag
"5c224865-15d0-gzip"
vary
Accept-Encoding, Origin,Accept-Encoding
content-type
image/svg+xml
x-middleton-display
staticcontent_sol, staticcontent_sol
cache-control
public, max-age=2592000
x-middleton-response
200
content-length
2408
services.js
js.gumgum.com/
97 KB
37 KB
Script
General
Full URL
https://js.gumgum.com/services.js
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-27.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68197ac5c5260bd2d7bf01b44c6828edba8f9a961771de44dc3fecebd98b2cf2

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:27 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 18:13:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"98bba5d1c68ff0b8224a103f1fd2ca86"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
.J9rv0WLpPZGMPgpLV9W_U1_YQM1j6yW
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-meta-timing-allow-origin
*
x-amz-meta-access-control-allow-origin
*
content-type
application/javascript
x-amz-cf-id
WUFy_xa_Z95YeWEyGOW10SmrxN6bvAtqKp2-55F8ot0_C_rquHZcOQ==
anchorfix.js
updowntoday.com/ezoic/
879 B
453 B
Script
General
Full URL
https://updowntoday.com/ezoic/anchorfix.js?cb=192-0
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-robots-tag
noindex, noindex
content-length
383
expires
Mon, 07 Mar 2022 06:28:26 GMT
jellyfish.webp
updowntoday.com/porpoiseant/
58 KB
11 KB
Script
General
Full URL
https://updowntoday.com/porpoiseant/jellyfish.webp?a=a&cb=192-0&shcb=34
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
server
nginx/1.16.0
cache-control
max-age=31536000
x-robots-tag
noindex
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
style.css
g.ezodn.com/cmp/
13 KB
2 KB
Stylesheet
General
Full URL
https://g.ezodn.com/cmp/style.css?domainId=244871&version=0&cv=5fa624ffffff000000
Requested by
Host: ezodn.com
URL: https://ezodn.com/cmp/altconsent.js?v=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:59e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38e22a9da44d362f72a06246a2653d10f24cb3c8062ab3d63c93273cb41f212f

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 12 Feb 2021 23:32:06 GMT
server
cloudflare
age
423876
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4U8TrTVOm0SYYYQUOPT6uT0f4qfbv1VF2ZsHz21YVCV7ZjW9qsfgPgV1OqLK0kKPI%2B%2BOcCH3C1rDwKdI4lgn8X9A54aRLX%2FILyfqviCnr0gNk2sXZ5pE7w%3D%3D"}]}
content-type
text/css; charset=utf-8
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
62c1c382bb7805ed-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08acf885b0000005edd83bb000000001
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fupdowntoday.com%2F&domain=updowntoday.com&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://updowntoday.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://updowntoday.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1645
date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fupdowntoday.com%2F&domain=updowntoday.com&cw=1
  • https://mug.criteo.com/sid?cpp=Eq1vgHxEUG1aVGdnMWt5Q1FXaUFPK2YyckkrT0FjSjFPVWNyZ0tKdEVlQ3ZNQXlQVm5sSHhuc3FBNFVzUFYrdkRNZjhBbmhsM1cyQXZSai9oeFgwWWxSV0hnNzk5TzBuc0E4TFFpNmp1WVhYOGs2eWxxSTJXK201SlR4dE...
345 B
629 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=Eq1vgHxEUG1aVGdnMWt5Q1FXaUFPK2YyckkrT0FjSjFPVWNyZ0tKdEVlQ3ZNQXlQVm5sSHhuc3FBNFVzUFYrdkRNZjhBbmhsM1cyQXZSai9oeFgwWWxSV0hnNzk5TzBuc0E4TFFpNmp1WVhYOGs2eWxxSTJXK201SlR4dEMyTU9uZWFVWkR4dlBrUXFJNE5QNGFQcXZvZFZFZlF4NFMyVC9QcjY3bjlBTEN4bXY2NktuUlRxMWROclZXWXFnV0J3cVd3ZUlZUnh4Y0RqYjkvSVJjSmJEMHpzWlJlTTVZN05iT1pBQ0VkS1JLRUpsTEZZPXw&cppv=2
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
38f07c7160e5dc7c2623e4150a4b1929e9d259db9f64c8e1e5bc25e5b2dd47f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 07 Mar 2021 06:28:26 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2055
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 07 Mar 2021 06:28:26 GMT
location
https://mug.criteo.com/sid?cpp=Eq1vgHxEUG1aVGdnMWt5Q1FXaUFPK2YyckkrT0FjSjFPVWNyZ0tKdEVlQ3ZNQXlQVm5sSHhuc3FBNFVzUFYrdkRNZjhBbmhsM1cyQXZSai9oeFgwWWxSV0hnNzk5TzBuc0E4TFFpNmp1WVhYOGs2eWxxSTJXK201SlR4dEMyTU9uZWFVWkR4dlBrUXFJNE5QNGFQcXZvZFZFZlF4NFMyVC9QcjY3bjlBTEN4bXY2NktuUlRxMWROclZXWXFnV0J3cVd3ZUlZUnh4Y0RqYjkvSVJjSmJEMHpzWlJlTTVZN05iT1pBQ0VkS1JLRUpsTEZZPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://updowntoday.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2809
content-length
482
expires
0
prebid-request
onetag-sys.com/
15 B
367 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://updowntoday.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
openrtb
ads.adaptv.advertising.com/rtb/
0
216 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=EzoicInc
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.142.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-142-110.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://updowntoday.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
cdb
bidder.criteo.com/
0
145 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.27.0&cb=74516874550
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://updowntoday.com
date
Sun, 07 Mar 2021 06:28:26 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8c2cef937c83d593f0ab8cc696a2015b06d0894547ad10445b14e17e14674c8f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 06:28:26 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.44:80
AN-X-Request-Uuid
931f0c6e-ca79-4aec-8a51-480f387b95f9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://updowntoday.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
116 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://updowntoday.com
date
Sun, 07 Mar 2021 05:38:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/
773 B
764 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
6a269449dc9a2b38af97bf0d5d04aae94d19d69e1d62f728628de3554e2678e7

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://updowntoday.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
30
content-length
334
nmash.js
updowntoday.com/porpoiseant/
33 KB
9 KB
Other
General
Full URL
https://updowntoday.com/porpoiseant/nmash.js?v=8
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
311a42892bf475bb07fdef468183033b4ed1279be748f72784859988fbd023c6

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
br
last-modified
Sat, 27 Feb 2021 22:40:54 GMT
server
nginx/1.16.0
etag
"8548-5bc5913cf0980;5bcec330b402b-gzip"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-robots-tag
noindex
pubads_impl_2021030401.js
securepubads.g.doubleclick.net/gpt/
283 KB
100 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
1b6ddd3072f67cdb7e9884779bddc6779ec3fcb66496f3276dc0eab78d842cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 09:38:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101872
x-xss-protection
0
expires
Sun, 07 Mar 2021 06:28:26 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=Eq1vgHxEUG1aVGdnMWt5Q1FXaUFPK2YyckkrT0FjSjFPVWNyZ0tKdEVlQ3ZNQXlQVm5sSHhuc3FBNFVzUFYrdkRNZjhBbmhsM1cyQXZSai9oeFgwWWxSV0hnNzk5TzBuc0E4TFFpNmp1WVhYOGs2eWxxSTJXK201SlR4dEMyTU9uZWFVWkR4dlBrUXFJNE5QNGFQcXZvZFZFZlF4NFMyVC9QcjY3bjlBTEN4bXY2NktuUlRxMWROclZXWXFnV0J3cVd3ZUlZUnh4Y0RqYjkvSVJjSmJEMHpzWlJlTTVZN05iT1pBQ0VkS1JLRUpsTEZZPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1171
date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
gzip
vary
Accept-Encoding
integrator.js
adservice.google.dk/adsid/
107 B
799 B
Script
General
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=updowntoday.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 06:28:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=updowntoday.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 06:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
47 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=816644278099550&correlator=1520462990803738&output=ldjh&impl=fif&eid=31060360&vrg=2021030401&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210307&iu_parts=1254144%2Cupdowntoday_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C234x60%7C300x250%7C336x280%7C468x60%7C728x90&prev_scp=iid1%3D56554%26t%3D134%26d%3D244871%26t1%3D134%26pvc%3D0%26ap%3D1109%26sap%3D1109%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod54%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dupdowntoday_com-box-2-56554%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10061%26asau%3D8948657208%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D140%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D79%252C189%252C154%252C67%252C48%252C122%252C81%252C20%252C71%252C164%252C175%252C31%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C608&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1615098506&dt=1615098506980&dlt=1615098506472&idt=474&frm=20&biw=1600&bih=1200&oid=3&adxs=515&adys=102&adks=2010662305&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupdowntoday.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x250&msz=250x250&ga_vid=888551642.1615098507&ga_sid=1615098507&ga_hid=306470338&ga_fc=false&fws=4&ohw=728&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
51e11a7c55044e36f2ce0f57235975cdd61ea8176e65edf0867925cc2ae784e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11000
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://updowntoday.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
466 B
336 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=816644278099550&correlator=1391282387804558&output=ldjh&impl=fif&eid=31060360&vrg=2021030401&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210307&iu_parts=1254144%2Cupdowntoday_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&prev_scp=iid1%3D69754%26t%3D134%26d%3D244871%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod54%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dupdowntoday_com-medrectangle-2-69754%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26ebss%3D10061%26asau%3D8948657208%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D100%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%252C14%252C28%252C4%252C51%252C0%252C88%252C0%252C71%252C30%252C0%252C31%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1615098506&dt=1615098506991&dlt=1615098506472&idt=474&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1106&adks=3090211009&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupdowntoday.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=888551642.1615098507&ga_sid=1615098507&ga_hid=306470338&ga_fc=false&fws=512&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
21537244b96141ab4ea8c05f51cbe9a7c8d722b9044028943996246d5c6d5cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
253
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://updowntoday.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame C2CA
185 KB
53 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
234313
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C2CA
12 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
234313
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C2CA
87 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
234313
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C2CA
3 KB
1 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
234313
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C2CA
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
234313
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 13:23:14 GMT
css
fonts.googleapis.com/ Frame C2CA
5 KB
784 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=da
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cc09b0d82fa5d05aef18c5468f24d943431683c73266d6a46c8f16325b23620
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 06:20:03 GMT
server
ESF
date
Sun, 07 Mar 2021 06:28:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 06:28:27 GMT
css
fonts.googleapis.com/ Frame C2CA
5 KB
761 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cc09b0d82fa5d05aef18c5468f24d943431683c73266d6a46c8f16325b23620
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Mar 2021 06:28:27 GMT
server
ESF
date
Sun, 07 Mar 2021 06:28:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Mar 2021 06:28:27 GMT
truncated
/ Frame C2CA
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0d679ac84ecc9a5b589e84f21c81e8d7e49bf01d5b38ec3e6ff86c47e623e72

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
40933678460698624
tpc.googlesyndication.com/simgad/ Frame C2CA
1 KB
902 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 16:19:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310138
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Mar 2022 16:19:29 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C2CA
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CyZTZi3JEYPSwAorWgAfcqKToA-zQls9h87We-oANipW70ZQOEAEg9PnGJWDRgbmC0AegAeHchfEDyAEGqQJz6XqkXn-FPuACAKgDAcgDCqoE0gFP0KAT1BpBemDv6WmfCEBlPVGBeFEJyNWIaJzdVWGEHqWW6XKmo7dG8NVqqD7_K4-l5XiFbAIU4tg38jS1PkNXwkKVy369PZA9nyvBrMkftpVJzMZf1bvkOCpRE7jXVcTP0O-3kx0D3KcOJVc0I47ZBvH9_5UxLVFpg8Z9_2qoBJyBkY2ErDRTEjsJqIVyMzOShN1DcEIhjxPDxuGFmnq4ibMf8cQIt6iEDc3Qxf7HrDxh7987ZWCi0K133NlpqMvtFLAqhDzkr08uCYmXVm2FJOvABI2J9a-uA-AEAZIFBAgEGAGSBQQIBRgEoAY3gAfa6Ky-AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCowVXSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTE0MTQxNTQzMTcyNDg4ODmACgPICwHYEw2IFAGyFxoKGAgAEhRwdWItNjM5Njg0NDc0MjQ5NzIwOA&sigh=QJBRVfnHQlo&template_id=492&tpd=AGWhJmvNYTzJ6-Q40d3hN-Bbil_9wQzX_9fGSVlPmg75nEyk3w
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

l
www.google.com/ads/measurement/ Frame C2CA
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnXTivpkm26KPwaPWCdBMvcihYgGsA6HsMwByIxQ-HyI58aG0vwqbz3o0LioOuSeNEYgMz
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C2CA
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
79530
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 07 Mar 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C2CA
295 B
748 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
25416
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 07 Mar 2021 23:24:51 GMT
greenoaks.gif
updowntoday.com/detroitchicago/
0
127 B
XHR
General
Full URL
https://updowntoday.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6IjkwMyJ9XX1d
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:27 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:27 UTC
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a73b5e53a22a20b8b935fe91df39d9cdbbd69b16b94372dc6c2a07137b3b89c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 06:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6570
x-xss-protection
0
greenoaks.gif
updowntoday.com/detroitchicago/
0
19 B
XHR
General
Full URL
https://updowntoday.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6Ijk3MyJ9XX1d
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:27 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:27 UTC
army.gif
updowntoday.com/porpoiseant/
0
19 B
XHR
General
Full URL
https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJhZjA2M2MyNDQwODliNTJlYzVhMDQyM2EyNThmMWY4ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMTQsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDE0LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJESyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2NTU0IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidW5pdCI6ImRpdi1ncHQtYWQtdXBkb3dudG9kYXlfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRLIiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM1NTAifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2NTU0IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidW5pdCI6ImRpdi1ncHQtYWQtdXBkb3dudG9kYXlfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRLIiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:27 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:27 UTC
28687274
g.ezoic.net/dac/
0
93 B
XHR
General
Full URL
https://g.ezoic.net/dac/28687274
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/porpoiseant/banger.js?cb=192-0&bv=8&v=45&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 07 Mar 2021 06:28:27 GMT
cache-control
max-age=3600, public
server
nginx/1.16.0
content-length
0
vary
Accept-Encoding
content-type
text/plain
army.gif
updowntoday.com/porpoiseant/
0
19 B
XHR
General
Full URL
https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTAzLTA3In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiNyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:27 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:27 UTC
army.gif
updowntoday.com/porpoiseant/
0
42 B
XHR
General
Full URL
https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImF1Y3Rpb25fZXBvY2giOjE2MTUwOTg1MDcsImFkX3Bvc2l0aW9uIjoxMTA5LCJjb3VudHJ5X2NvZGUiOiJESyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiYmlkX2Zsb29yX2luaXRpYWwiOjE0MCwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjE0MCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6Mzk0LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:27 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:28 UTC
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sun, 07 Mar 2021 06:28:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame C2CA
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=da
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://updowntoday.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:51:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
473800
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:51:47 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame C2CA
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=da
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://updowntoday.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:34:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
age
474840
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45416
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:34:27 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C2CA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 07 Mar 2021 06:28:27 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 5D77
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://updowntoday.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://updowntoday.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sun, 07 Mar 2021 01:19:32 GMT
expires
Mon, 07 Mar 2022 01:19:32 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
18535
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
40933678460698624
tpc.googlesyndication.com/simgad/ Frame C2CA
1 KB
756 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 16:19:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310138
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Mar 2022 16:19:29 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C2CA
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
79530
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 07 Mar 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C2CA
295 B
320 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
25416
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 07 Mar 2021 23:24:51 GMT
QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
pagead2.googlesyndication.com/bg/ Frame 5D77
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 19:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
126839
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5600
x-xss-protection
0
expires
Sat, 05 Mar 2022 19:14:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
224 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030401&jk=816644278099550&bg=!wcKlwoHNAAWsVXnBrDsAKQB2-Dxa0MzWce1PKS_dnqqmYhdovR1EDrEr0kJm95nZ4R-Y9J_yUr9jAgAAAFlSAAAACWgBBwoAwpZ2xd4hRIvXu7Oee4j0VYY02k7EXWWGgZ6nfDr3Z6LVAaRrZeSiDhEcwBs8dFkBa5FeBuaudsJHiUbhB6qpGVxTljc3hFtzFfS_1Miv4yQ1ghrYD0dijd5LDHfvQ-yaDZ0oppoK2mUllDGQw9Gl1-CRi9Uvpl4D79IKNaoSr41K08rvNpZG2qvXmVt5od-zmduuady8tLNA4YUUlha4TejVrYnzX5vBAnfFBEoY3fhI-TJ4NFLUrF7d5RzmF9b0lkItmQH4jH85dyHjB7YDEI6gluNDPF-VVgTPShEoWPrUbF7CMYrfb9epnsr4O7VV8qHT7e2T5UmYuEP2Y1-b6SkztRjJdQoO1ON-D2IvJBlHuwxUXozbir3A1mpe2LCertfqHB4YvMlB_Hwca0u7rbmSD4p_eO6xFOOkApYxh9GkEEE6nFoPn8qglV-_WW3bfax1R2FWTP_MPYuokodYMOiDLkFPWSO62rTjenW6UeUmLphl1rvxGmY40YXesYpresDQv8FHnZNQqBSMChd9Ui_0FbNHETM9c4TfXHmrGl3CNp1vg-hVIar9EvPhSMGZUm9UW0ELVRj1rOG6QY5MzwSNCe42NCLjGfoYLfYWTXrm3bk9XntKENXKMcmOtiZ_8RWQKcJMc1ZbzcY0kRyl3nW5hIm97KGIJofqGYFIMs5JwUd3YXpCsas7Sdrn4FOaXZnza9uUEjCPYpbDUGzl1ISjVBwjR6nMEfbbSrtbJBFsCaY2OC9DbT-A3YymY4VTpwlKaCDqCn4rL2mh4jkMpyutWd8Um60p8CGyyE8Dh45AhZA1Ds-Vbbzypr0qaZR0fon8kNVzy21V5GZ3cddohViJjxeiZCs_4UKgUrSIU9EPqFJ73f2VsJTGs9M0N-q6_nwizrqnvF8hooI2_BjIK3JbBrz_vYjYb4_Cgdtn
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C2CA
42 B
94 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSpVXt_-cKdPFFYU4H0YFVYvJVDmbe82YZnvUj0HxepXVxAC1NsBckVo7p38zOCna5RG5Ji4Nbx8D0yQdbOQT6CHNGMWObnEK_j8tC43PeCarQplyjw9CvJlE1PQ&sai=AMfl-YRQxmVmaBTlM0aaL030voNj4hwonwUhMV1mBAW_7RLFhqXjU9md2gjXRUrN9R_d-mDVWrMqyiM6pXwMDCdQBQzyuuefGv_OCndCP6udNaFUVnjOqA230ClIKhfJYd4&sig=Cg0ArKJSzJsjGmhgigXfEAE&cid=CAASPeRodOwVmKdye9WIY1zPDsSpCZEdqRroq0tTCyLBGsPzwUdPgPZGHNtwz42rcmhU9gWWph4ox7nP3bFFbO4&id=ampim&o=490,102&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=129&tls=1130&g=100&h=100&tt=1130&r=v&avms=ampa&adk=2010662305
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
updowntoday.com/porpoiseant/
0
42 B
XHR
General
Full URL
https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:28 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:28 UTC
army.gif
updowntoday.com/porpoiseant/
0
42 B
XHR
General
Full URL
https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNzkifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:28 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:29 UTC
services
g2.gumgum.com/zones/w9xc2jc5/
0
525 B
XHR
General
Full URL
https://g2.gumgum.com/zones/w9xc2jc5/services?dp=https%3A%2F%2Fupdowntoday.com%2F&pu=https%3A%2F%2Fupdowntoday.com%2F&ogu=%2F%2Fupdowntoday.com%2Fen%2F&rf=&r=3.81.0&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.81.0%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9830&bf=316fb8f71ee8eaf422f04de06471002f46450782&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1615098509689&to=-60&vpii=false&vph=1200&vpw=1600&uspConsent=1---
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://updowntoday.com
date
Sun, 07 Mar 2021 06:28:29 GMT
access-control-allow-credentials
true
server
nginx
timing-allow-origin
*
etag
"0d41d8cd98f00b204e9800998ecf8427e"
p3p
CP="This is not a P3P policy"
publishertag.prebid.js
static.criteo.net/js/ld/
80 KB
26 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:29 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:28 GMT
server
nginx
etag
W/"6034e04c-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 08 Mar 2021 06:28:29 GMT
syncframe
gum.criteo.com/ Frame 092D
0
150 B
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=updowntoday.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=updowntoday.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://updowntoday.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://updowntoday.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1417
date
Sun, 07 Mar 2021 06:28:29 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/
80 KB
26 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:29 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:28 GMT
server
nginx
etag
W/"6034e04c-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 08 Mar 2021 06:28:29 GMT
457.json
id5-sync.com/g/v2/
606 B
927 B
XHR
General
Full URL
https://id5-sync.com/g/v2/457.json
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.166 , France, ASN16276 (OVH, FR),
Reverse DNS
p10.id5-sync.com
Software
/
Resource Hash
4c20c2747553616cbc08aa2f877b3c3ce8ffe7168a81e7cc9b0794202d1cbae8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://updowntoday.com
Date
Sun, 07 Mar 2021 06:28:56 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame 963B
37 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://updowntoday.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://updowntoday.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=41111
Expires
Sun, 07 Mar 2021 17:53:41 GMT
Date
Sun, 07 Mar 2021 06:28:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 5BF5
2 KB
818 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1615098506834&us_privacy=1---
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1615098506834&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://updowntoday.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://updowntoday.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9C00
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://updowntoday.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgIkfo_EAoYASABKAEwiuWRggY4AUABSAEQiuWRggYYAA..; uuid2=4750522130641813616
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://updowntoday.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 24 Feb 2021 05:50:24 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 07 Mar 2021 06:28:30 GMT
Age
2262
X-Served-By
cache-lga21977-LGA, cache-hhn4051-HHN
X-Cache
HIT, HIT
X-Cache-Hits
2, 20652
X-Timer
S1615098510.139577,VS0,VE0
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 963B
8 KB
9 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4f8dd1d1ec248bc933c041dcb0e7ae8e254f3e2ad9f49de259ae2cdacf913266

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:28:28 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame 9C00
0
744 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 06:28:30 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.68:80
AN-X-Request-Uuid
27711de4-f3e0-4e0b-9c18-c5557153fdbf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.dk/adsid/
107 B
777 B
Script
General
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=updowntoday.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 06:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
146 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=updowntoday.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Mar 2021 06:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
51 KB
21 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=816644278099550&correlator=396796439594090&output=ldjh&impl=fif&eid=31060360&vrg=2021030401&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210307&iu_parts=1254144%2Cupdowntoday_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=3&rcs=1&prev_scp=iid1%3D69754%26t%3D134%26d%3D244871%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod54%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dupdowntoday_com-medrectangle-2-69754%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10061%26asau%3D8948657208%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D50%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%252C14%252C28%252C4%252C51%252C0%252C88%252C0%252C71%252C30%252C0%252C31%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C19%26lb%3D100%26reqt%3D1615098510286&eri=1&cookie=ID%3D623e85df0a6c690a-2213de29b4ba0008%3AT%3D1615098507%3AS%3DALNI_Maqz2-sxLhlAGns8RDRtp7wU_YsTw&bc=31&abxe=1&lmt=1615098510&dt=1615098510289&dlt=1615098506472&idt=474&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1106&adks=3090211009&ucis=3&ifi=3&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupdowntoday.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=888551642.1615098507&ga_sid=1615098507&ga_hid=306470338&ga_fc=false&fws=512&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
4e2fe837fac57d5caa2d862fa289ddac23bb6c2bd37fedecf79ced48cb663c34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21465
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://updowntoday.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame BC10
43 B
326 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sun, 07 Mar 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1043
x-powered-by
ASP.NET
date
Sun, 07 Mar 2021 06:28:29 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 7A8D
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3074622870793750158
42 B
769 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3074622870793750158
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=22DAB9AD-F89A-4827-BBA7-C4F531E832E5; chkChromeAb67Sec=1; DPSync3=1616284800%3A201_227_226_221; SyncRTB3=1615939200%3A63%7C1616284800%3A165_176_78_3_13_99_71_8_22_55_220_54_166_88_189_222_5_161_21_7_81_204_56%7C1615680000%3A2_15_67_223%7C1617667200%3A203%7C1616371200%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 07 Mar 2021 06:17:28 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-3074622870793750158; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:28 GMT; path=/ PugT=1615097848; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:28 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:28 GMT; path=/
X-lat
amspug018:0:357
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3074622870793750158
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 5DB3
43 B
430 B
Document
General
Full URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.192.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-192-197.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sun, 07 Mar 2021 06:28:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 85AF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936795280274421906
42 B
771 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936795280274421906
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=22DAB9AD-F89A-4827-BBA7-C4F531E832E5; chkChromeAb67Sec=1; DPSync3=1616284800%3A201_227_226_221; SyncRTB3=1615939200%3A63%7C1616284800%3A165_176_78_3_13_99_71_8_22_55_220_54_166_88_189_222_5_161_21_7_81_204_56%7C1615680000%3A2_15_67_223%7C1617667200%3A203%7C1616371200%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 07 Mar 2021 06:17:29 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6936795280274421906; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:29 GMT; path=/ PugT=1615097849; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:29 GMT; path=/
X-lat
amspug008:0:376
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sun, 07 Mar 2021 06:28:30 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6936795280274421906; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936795280274421906
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 23CE
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ZvJmEbOj0ZjeaKdnNqPYWbhk
42 B
811 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ZvJmEbOj0ZjeaKdnNqPYWbhk
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=22DAB9AD-F89A-4827-BBA7-C4F531E832E5; chkChromeAb67Sec=1; DPSync3=1616284800%3A201_227_226_221; SyncRTB3=1615939200%3A63%7C1616284800%3A165_176_78_3_13_99_71_8_22_55_220_54_166_88_189_222_5_161_21_7_81_204_56%7C1615680000%3A2_15_67_223%7C1617667200%3A203%7C1616371200%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 07 Mar 2021 06:17:28 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-ZvJmEbOj0ZjeaKdnNqPYWbhk&KRTB&23212-ZvJmEbOj0ZjeaKdnNqPYWbhk; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:28 GMT; path=/ PugT=1615097848; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:28 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:28 GMT; path=/
X-lat
amspug015:0:371
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sun, 07 Mar 2021 06:28:30 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=ZvJmEbOj0ZjeaKdnNqPYWbhk; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ZvJmEbOj0ZjeaKdnNqPYWbhk
strict-transport-security
max-age=0; includeSubDomains;
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame B8BB
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2286571566
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2286571566
  • https://sync.1rx.io/usersync/tradedesk/9400d0a6-6d95-4fb4-ae38-df41363d79b3
  • https://sync.targeting.unrulymedia.com/csync/RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003
42 B
849 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=22DAB9AD-F89A-4827-BBA7-C4F531E832E5; chkChromeAb67Sec=1; DPSync3=1616284800%3A201_227_226_221; SyncRTB3=1615939200%3A63%7C1616284800%3A165_176_78_3_13_99_71_8_22_55_220_54_166_88_189_222_5_161_21_7_81_204_56%7C1615680000%3A2_15_67_223%7C1617667200%3A203%7C1616371200%3A35; PUBMDCID=3; KRTBCOOKIE_1101=23040-6936795280274421906; KRTBCOOKIE_391=22924-8772386290146331978; KRTBCOOKIE_27=16735-uid:c1e76044-728e-4400-959a-508e20d6ff1d&KRTB&16736-uid:c1e76044-728e-4400-959a-508e20d6ff1d&KRTB&23019-uid:c1e76044-728e-4400-959a-508e20d6ff1d&KRTB&23114-uid:c1e76044-728e-4400-959a-508e20d6ff1d; KRTBCOOKIE_107=1471-uid:kHqSR4yc1LiMTY5; KRTBCOOKIE_409=22966-ZvJmEbOj0ZjeaKdnNqPYWbhk&KRTB&23212-ZvJmEbOj0ZjeaKdnNqPYWbhk; KRTBCOOKIE_377=6810-bd2cb31b-3cf7-4af4-9090-767825de08c9&KRTB&22918-bd2cb31b-3cf7-4af4-9090-767825de08c9&KRTB&23031-bd2cb31b-3cf7-4af4-9090-767825de08c9; KRTBCOOKIE_336=5844-3074622870793750158; KRTBCOOKIE_57=22776-4750522130641813616; KRTBCOOKIE_80=16514-CAESEGtPq5ZxXgvtgrkxWuiflD8&KRTB&22987-CAESEGtPq5ZxXgvtgrkxWuiflD8&KRTB&23025-CAESEGtPq5ZxXgvtgrkxWuiflD8; KRTBCOOKIE_153=19420-8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH&KRTB&22979-8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH; KRTBCOOKIE_22=14911-8083888559215874712; KRTBCOOKIE_1074=22956-e_7dd6db99-52dc-4d27-8923-0ae385b067bc; PugT=1615097849; KRTBCOOKIE_218=22978-YERyjgAAAFoZlyzr&KRTB&23194-YERyjgAAAFoZlyzr&KRTB&23209-YERyjgAAAFoZlyzr&KRTB&23244-YERyjgAAAFoZlyzr
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 07 Mar 2021 06:17:29 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_594=17105-RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003&KRTB&17107-RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:29 GMT; path=/ PugT=1615097849; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:29 GMT; path=/
X-lat
amspug008:0:274
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Sun, 07 Mar 2021 06:28:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003%22%7D; path=/; expires=Mon, 07 Mar 2022 06:28:30 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003
ETag
RXfd57fb604f544893b9922cff0edacf13003
bridge
cm.adgrx.com/ Frame C161
43 B
408 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sun, 07 Mar 2021 06:28:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame B580
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
442 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=arnoeUNZaiMyAmemDpPZbn1q3SJSPaPK3T16MYcfZco
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 07 Mar 2021 06:28:30 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d8ddb49001046784bc8b01b7b4e1a5f7d1615098510; expires=Tue, 06-Apr-21 06:28:30 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aLnseFpkijdDifqAaAclFFZcUY81MMmZblOLodG6AUOy0QZb5WFT6wTRUESjldr8EduOuFjAe4XkU1ZdJe4UuLRO; path=/; domain=.tribalfusion.com; expires=Sat, 05-Jun-2021 06:28:30 GMT; SameSite=None; Secure; ANON_ID_old=aLnseFpkijdDifqAaAclFFZcUY81MMmZblOLodG6AUOy0QZb5WFT6wTRUESjldr8EduOuFjAe4XkU1ZdJe4UuLRO; path=/; domain=.tribalfusion.com; expires=Sat, 05-Jun-2021 06:28:30 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
08acf894cf0000062deba54000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62c1c39aeca7062d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sun, 07 Mar 2021 06:28:30 GMT
content-type
text/html
set-cookie
__cfduid=d8ddb49001046784bc8b01b7b4e1a5f7d1615098510; expires=Tue, 06-Apr-21 06:28:30 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=arnoeUNZaiMyAmemDpPZbn1q3SJSPaPK3T16MYcfZco; path=/; domain=.tribalfusion.com; expires=Sat, 05-Jun-2021 06:28:30 GMT; SameSite=None; Secure; ANON_ID_old=arnoeUNZaiMyAmemDpPZbn1q3SJSPaPK3T16MYcfZco; path=/; domain=.tribalfusion.com; expires=Sat, 05-Jun-2021 06:28:30 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
332
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
08acf894160000062d798be000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62c1c399bb1c062d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 89BF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lki5Y6yQfUDI&pid=557219
1 B
463 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lki5Y6yQfUDI&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=22DAB9AD-F89A-4827-BBA7-C4F531E832E5; chkChromeAb67Sec=1; DPSync3=1616284800%3A201_227_226_221; SyncRTB3=1615939200%3A63%7C1616284800%3A165_176_78_3_13_99_71_8_22_55_220_54_166_88_189_222_5_161_21_7_81_204_56%7C1615680000%3A2_15_67_223%7C1617667200%3A203%7C1616371200%3A35; PUBMDCID=3; KRTBCOOKIE_1101=23040-6936795280274421906; KRTBCOOKIE_391=22924-8772386290146331978; KRTBCOOKIE_27=16735-uid:c1e76044-728e-4400-959a-508e20d6ff1d&KRTB&16736-uid:c1e76044-728e-4400-959a-508e20d6ff1d&KRTB&23019-uid:c1e76044-728e-4400-959a-508e20d6ff1d&KRTB&23114-uid:c1e76044-728e-4400-959a-508e20d6ff1d; KRTBCOOKIE_107=1471-uid:kHqSR4yc1LiMTY5; KRTBCOOKIE_409=22966-ZvJmEbOj0ZjeaKdnNqPYWbhk&KRTB&23212-ZvJmEbOj0ZjeaKdnNqPYWbhk; KRTBCOOKIE_377=6810-bd2cb31b-3cf7-4af4-9090-767825de08c9&KRTB&22918-bd2cb31b-3cf7-4af4-9090-767825de08c9&KRTB&23031-bd2cb31b-3cf7-4af4-9090-767825de08c9; KRTBCOOKIE_336=5844-3074622870793750158; KRTBCOOKIE_57=22776-4750522130641813616; KRTBCOOKIE_80=16514-CAESEGtPq5ZxXgvtgrkxWuiflD8&KRTB&22987-CAESEGtPq5ZxXgvtgrkxWuiflD8&KRTB&23025-CAESEGtPq5ZxXgvtgrkxWuiflD8; KRTBCOOKIE_153=19420-8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH&KRTB&22979-8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH; KRTBCOOKIE_22=14911-8083888559215874712; PugT=1615097848
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 07 Mar 2021 06:17:29 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:29 GMT; path=/
X-lat
amspug019:0:358
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-568ff9c7d-5d796
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lki5Y6yQfUDI&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=ed56fde9c3534b2b; path=/; HttpOnly; Secure; SameSite=None
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame CC67
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sun, 07 Mar 2021 06:28:30 GMT
via
1.1 varnish
x-served-by
cache-hhn11571-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1615098511.527281,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e;Version=1;Path=/;Domain=.taboola.com;Expires=Mon, 07-Mar-2022 06:28:30 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sun, 07 Mar 2021 06:28:30 GMT
via
1.1 varnish
x-served-by
cache-hhn11571-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1615098510.435141,VS0,VE58
x-vcl-time-ms
58
content-length
0
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 98DE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kHqSR4yc1LiMTY5&gdpr=0&gdpr_consent=
42 B
769 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kHqSR4yc1LiMTY5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=22DAB9AD-F89A-4827-BBA7-C4F531E832E5; chkChromeAb67Sec=1; DPSync3=1616284800%3A201_227_226_221; SyncRTB3=1615939200%3A63%7C1616284800%3A165_176_78_3_13_99_71_8_22_55_220_54_166_88_189_222_5_161_21_7_81_204_56%7C1615680000%3A2_15_67_223%7C1617667200%3A203%7C1616371200%3A35; PUBMDCID=3; KRTBCOOKIE_1101=23040-6936795280274421906; PugT=1615097849
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 07 Mar 2021 06:17:29 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:kHqSR4yc1LiMTY5; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:29 GMT; path=/ PugT=1615097849; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:29 GMT; path=/
X-lat
amspug017:0:271
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Sun, 07 Mar 2021 06:28:30 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kHqSR4yc1LiMTY5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-05a1c1cf6bbf9fe9a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=kHqSR4yc1LiMTY5; Domain=.w55c.net; Expires=Thu, 07-Apr-2022 06:28:30 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Tue, 06-Apr-2021 06:28:30 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
check
pixel.tapad.com/idsync/ex/receive/ Frame AA62
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B
Document
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1615098510604; TapAd_DID=5585e4c2-7f0e-11eb-afe8-5a9a02d33f5c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 07 Mar 2021 06:28:30 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Sun, 07 Mar 2021 06:28:30 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1615098510604;Expires=Thu, 06 May 2021 06:28:30 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=5585e4c2-7f0e-11eb-afe8-5a9a02d33f5c;Expires=Thu, 06 May 2021 06:28:30 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 963B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Itq5rfiaSCe7p8T1Megy5Q%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:28:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=45899
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sun, 07 Mar 2021 19:13:29 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 963B
95 B
594 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
62c1c399cba34e68-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08acf8941d00004e6818369000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 963B
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:29 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:29 GMT
frontend-id
4
location
/pubmatic/1/info2?sType=sync&sExtCookieId=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&addseg=29
7 B
147 B
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&addseg=29
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:28:30 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Sun, 07 Mar 2021 06:28:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&addseg=29
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjJEQUI5QUQtRjg5QS00ODI3LUJCQTctQzRGNTMxRTgzMkU1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:28:30 GMT
X-lat
amspug007:0:371
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGtPq5ZxXgvtgrkxWuiflD8&google_cver=1
42 B
855 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGtPq5ZxXgvtgrkxWuiflD8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:17:29 GMT
X-lat
amspug020:0:368
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGtPq5ZxXgvtgrkxWuiflD8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 963B
43 B
609 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:30 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 06 Mar 2021 06:28:30 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8772386290146331978
42 B
770 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8772386290146331978
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:17:27 GMT
X-lat
amspug013:0:497
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:30 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8772386290146331978
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c1e76044-728e-4400-959a-508e20d6ff1d&gdpr=0&gdpr_consent=
42 B
946 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c1e76044-728e-4400-959a-508e20d6ff1d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:17:26 GMT
X-lat
amspug014:0:375
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Sun, 07 Mar 2021 06:28:28 GMT
Server
MT3 3518 2f03077 master zrh-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c1e76044-728e-4400-959a-508e20d6ff1d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 07 Mar 2021 06:28:27 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bd2cb31b-3cf7-4af4-9090-767825de08c9
42 B
882 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bd2cb31b-3cf7-4af4-9090-767825de08c9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:17:28 GMT
X-lat
amspug012:0:372
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bd2cb31b-3cf7-4af4-9090-767825de08c9
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4750522130641813616&gdpr=0&gdpr_consent=
42 B
769 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4750522130641813616&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:17:29 GMT
X-lat
amspug011:0:364
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 06:28:30 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid
706edcfc-1b14-4862-bb4e-e0ae64014dda
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4750522130641813616&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GCFl2DF1l2L12xEJqsFcBifD0HWdq60-&gdpr=0&gdpr_consent=
0
418 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GCFl2DF1l2L12xEJqsFcBifD0HWdq60-&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:17:28 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 07 Mar 2021 06:28:30 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GCFl2DF1l2L12xEJqsFcBifD0HWdq60-&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
22DAB9AD-F89A-4827-BBA7-C4F531E832E5
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 963B
43 B
839 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/22DAB9AD-F89A-4827-BBA7-C4F531E832E5?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8083888559215874712&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8083888559215874712&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:17:28 GMT
X-lat
amspug012:0:281
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8083888559215874712&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 07 Mar 2021 06:28:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH
42 B
843 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:17:29 GMT
X-lat
amspug017:0:300
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=7e39e1a5-3c3b-43a7-aaad-6ff9daec56d7&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:17:29 GMT
X-lat
amspug003:0:372
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 07 Mar 2021 06:28:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YERyjgAAAFoZlyzr&gdpr=0&gdpr_consent=&_test=YERyjgAAAFoZlyzr
1 B
809 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YERyjgAAAFoZlyzr&gdpr=0&gdpr_consent=&_test=YERyjgAAAFoZlyzr
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:17:29 GMT
X-lat
amspug020:0:322
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1615098511.835333,VS0,VE0
x-served-by
cache-hhn4026-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YERyjgAAAFoZlyzr&gdpr=0&gdpr_consent=&_test=YERyjgAAAFoZlyzr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:28:31 GMT
X-lat
amspug006:0:399
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:31 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 963B
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:30 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:eb00ed22-2463-4646-9976-a34416e630a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:eb00ed22-2463-4646-9976-a34416e630a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:17:29 GMT
X-lat
amspug015:0:345
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:eb00ed22-2463-4646-9976-a34416e630a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 07 Mar 2021 06:28:31 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4750522130641813616
42 B
505 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4750522130641813616
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:17:27 GMT
X-lat
amspug013:0:307
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 06:28:30 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.234:80
AN-X-Request-Uuid
83d8cf95-4c11-43fc-92be-2bcba86c6bcc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4750522130641813616
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7dd6db99-52dc-4d27-8923-0ae385b067bc
42 B
790 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7dd6db99-52dc-4d27-8923-0ae385b067bc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:17:29 GMT
X-lat
amspug001:0:392
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7dd6db99-52dc-4d27-8923-0ae385b067bc
date
Sun, 07 Mar 2021 06:28:30 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
container.html
782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0969
6 KB
3 KB
Document
General
Full URL
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://updowntoday.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://updowntoday.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 07 Mar 2021 06:28:27 GMT
expires
Mon, 07 Mar 2022 06:28:27 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Sun, 07 Mar 2021 06:28:30 GMT
army.gif
updowntoday.com/porpoiseant/
0
65 B
XHR
General
Full URL
https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIzYmE5ODJmYzQyMzhkZDQxOTdiMWQ1MWIzNDU0NzhkYyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDUsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA1LCJiaWRfZmxvb3JfcHJldiI6MC4wMDEsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTc1NCIsImRvbWFpbl9pZCI6IjI0NDg3MSIsInVuaXQiOiJkaXYtZ3B0LWFkLXVwZG93bnRvZGF5X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJESyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwNDE2OTg4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTc1NCIsImRvbWFpbl9pZCI6IjI0NDg3MSIsInVuaXQiOiJkaXYtZ3B0LWFkLXVwZG93bnRvZGF5X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJESyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:30 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:30 UTC
28687274
g.ezoic.net/dac/
0
40 B
XHR
General
Full URL
https://g.ezoic.net/dac/28687274
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/porpoiseant/banger.js?cb=192-0&bv=8&v=45&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 07 Mar 2021 06:28:30 GMT
cache-control
max-age=3600, public
server
nginx/1.16.0
content-length
0
vary
Accept-Encoding
content-type
text/plain
army.gif
updowntoday.com/porpoiseant/
0
19 B
XHR
General
Full URL
https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTAzLTA3In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiNyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:30 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:30 UTC
army.gif
updowntoday.com/porpoiseant/
0
42 B
XHR
General
Full URL
https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImF1Y3Rpb25fZXBvY2giOjE2MTUwOTg1MTEsImFkX3Bvc2l0aW9uIjoxMTAwLCJjb3VudHJ5X2NvZGUiOiJESyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiYmlkX2Zsb29yX2luaXRpYWwiOjEwMCwiYmlkX2Zsb29yX3ByZXYiOjEwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6NTAsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjM0NCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:30 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:31 UTC
army.gif
updowntoday.com/porpoiseant/
0
19 B
XHR
General
Full URL
https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjEwOTMifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2NTU0IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidW5pdCI6ImRpdi1ncHQtYWQtdXBkb3dudG9kYXlfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRLIiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI0OTAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjEwMiJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:30 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:30 UTC
view
googleads4.g.doubleclick.net/pcs/ Frame DD07
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMzFrLTYzT5sc6cWN7eVcWFFow5aDZnsLttXvvNcFNkcwulMKMjgApNKxzIFtX4EAVh2rAcmakliYnd9gjuY_aYxgJAFHwFyqOGAXjobIZjSpPbI54PvKuOVbUyA9Smhv4WSwtGA4l5RsLzG8ivBeCpL8fYDAqK0-5l1xLY9g3ORIVhJJ3Ot2yMfPjfTBjxWXp0MT0oSZoi3SgO0xGltzKa04ZJ261IsHCOULOJLy1Zb5wcOyOPi5TrRAV1bNn5hFfdfiHwYhofiVKliY4FoOfQblUn87jvNqPPdzq_PG3fG8NU2hMOpgvHa32zP65eTIeZSZAXiH8vXbD8QZMZ3WM4IQ4Zr735gqkB2ZH23uUQCd3wMJApxpgD1PjGrK5YehYp2f_jdnvoeoDgOfWZRn_Ri2sETf0y5rQIP4he3Twz-kcJBnqqhVvhAbdVOrU6iXKHwF3YiqrnNae79Ha3tKvGZuUKsTIcb1NqBWtyc9qCMchbRql_xDgocuUTf2qAJOC_NAG_AIL3ok0v8a6b3rT2ijxvKe3hGEQx1FuryuaY_y-GmXW7VgSZp0pmPLoL7831AKBT8qH7pcKae5xUPp8crYJS36-N9rIH2MqabAWDQXt5r6AUMFtMG379baFYLPe0jQFA4epaNQvGBOgKcvUngl3pZTaLq9WR7jKvb11GsEiHmtABPLyHVzX01U-CchT1x3xvgm2SNWTVf5Dax-CUtH94GzusLlWkW1ugoYx1pFZlKHNgxErsbK2f5bNHFj6-14baljW43nPz-_aSsIA6G0gLqoiCk6oME3ElxJGOnc6yUgddxyPFUSUR1P4PXPUp3w2SxN3T1T8AnUMNZse3aveEvW13J0vzc5dtFdBQIZCQvyIsVoFim3b2u4W7otkIcevZhrO8NVdChJv_lL9BW-dlTPLcmL0iJo48goI-zqKu40LtPrx9sBVpCzLOSnIhpYNyZLyzDOLppvzim0H5NgrTOneo_7P8Fclrgc72mVjK8dqiiL5CYuFxHrtlF37xHZciVnZTSUfrKPs5o2J70NdcU8KhC74FXqsY2G2EfaUtZBmbb7c3fWkGI23NTc64vGiXAlegJs3eBI0NFwdxMeDfYMgx7AfiwndPh_LZlRaWya7&sig=Cg0ArKJSzIT1cvUvdMEbEAE&urlfix=1&adurl=&tpd=AGWhJmvBvQD95OW1m-5oJoqrvdVSzGWaOCweb2SpzI_w5IwGog
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 07 Mar 2021 06:28:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame DD07
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 14:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57015
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Mar 2021 14:38:15 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DD07
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 09:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249580
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 09:08:50 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame DD07
31 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7c4efd1f41f3683d4845c653d5166988897616f79951568dad9323c26f2d6f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 01:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12669
x-xss-protection
0
server
cafe
etag
5012884434530507151
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 01:00:03 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame DD07
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:27:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 06:27:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DD07
110 KB
34 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sun, 07 Mar 2021 06:28:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame DD07
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:19:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 06:19:29 GMT
l
www.google.com/ads/measurement/ Frame DD07
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5mdmZh26RibIyumTccMuZKXn2XNf7GYZTC301czOp4KB5kn2F7lwlYU2RwSZxmlNKeJ-Q-IhH0dQ7QyDT23Kq9iIEFA
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame DD07
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:26:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 06:26:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 288C
1 KB
858 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
URL: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 07 Mar 2021 03:14:09 GMT
expires
Mon, 08 Mar 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
11661
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A22D
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 05 Mar 2021 13:42:11 GMT
expires
Sat, 05 Mar 2022 13:42:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
146779
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
t.js;adv=11312204782683;ec=11312204817403;adv.a=8240968;c.a=25378858;s.a=3447485;p.a=296513903;a.a=489835819;cache=1105616665
ad.atdmt.com/i/ Frame DD07
0
1 KB
Script
General
Full URL
https://ad.atdmt.com/i/t.js;adv=11312204782683;ec=11312204817403;adv.a=8240968;c.a=25378858;s.a=3447485;p.a=296513903;a.a=489835819;cache=1105616665
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:2:face:b00c:0:8c , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
M2Qy1BT98oi1AaD8U7/cR2egfrV8sgw9Gwwhl9KIDb+XhX3ex8nbaAbZ1AjYyUv3BjA3gyuJADWQwX8cdBMFLQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 07 Mar 2021 06:28:30 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
text/javascript;charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
x-fb-rlafr
0
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
DK_Stocks_Track4_Tools-Denmark-728x90-637495904097655833-c7a4f078-f6bd-4ffb-a5ae-c84156c94b99.html
s0.2mdn.net/8240968/1613993611088/ Frame 82DC
4 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/8240968/1613993611088/DK_Stocks_Track4_Tools-Denmark-728x90-637495904097655833-c7a4f078-f6bd-4ffb-a5ae-c84156c94b99.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b930a131bce632e30468d53ba640c7ef7e4fe27e45b7365067bcb5fe509b58e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/8240968/1613993611088/DK_Stocks_Track4_Tools-Denmark-728x90-637495904097655833-c7a4f078-f6bd-4ffb-a5ae-c84156c94b99.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
1419
date
Sat, 06 Mar 2021 09:27:53 GMT
expires
Sun, 07 Mar 2021 09:27:53 GMT
last-modified
Mon, 22 Feb 2021 11:33:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
75637
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame DD07
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec856bb58188dd2dfea5848df664d4b65f51c7a459449b294c59b367eff9b2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 288C
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENdGGeah-Up9j6lHt1qHYlg&google_cver=1&google_push=AQvitUKn9TPkH6CyMecTYx8BT8GLzyVSNh4tze-W_HP23T0cEa3Ytg78s9-Ltv2kwzM27ItloXSJfC6YtDfmOLWUG_MQbFEBxQOgDg
Requested by
Host: 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
URL: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:30 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 288C
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDqBA_Nd61XBKiw0iTwIyko&google_cver=1&google_push=AQvitUI7ZCa3hL-uwho6PfRT1FcrSZ2E9iHsbO-2tWFqIP4K3sla4J78PFAG1rH_qcCFA0Eys0qcFLlDVT_...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUI7ZCa3hL-uwho6PfRT1FcrSZ2E9iHsbO-2tWFqIP4K3sla4J78PFAG1rH_qcCFA0Eys0qcFLlDVT_wlR6jCVTkxHBU6jukCw&google_hm=7JCr4RXfSKKr1IY395...
170 B
310 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUI7ZCa3hL-uwho6PfRT1FcrSZ2E9iHsbO-2tWFqIP4K3sla4J78PFAG1rH_qcCFA0Eys0qcFLlDVT_wlR6jCVTkxHBU6jukCw&google_hm=7JCr4RXfSKKr1IY395PNCOs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:30 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUI7ZCa3hL-uwho6PfRT1FcrSZ2E9iHsbO-2tWFqIP4K3sla4J78PFAG1rH_qcCFA0Eys0qcFLlDVT_wlR6jCVTkxHBU6jukCw&google_hm=7JCr4RXfSKKr1IY395PNCOs
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
dsp.adkernel.com/ Frame 288C
42 B
233 B
Image
General
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEHITWwbC1471lPRDcVxXfmE&google_cver=1&google_push=AQvitUKO9L8LkvOwemsilPnnovsX-c0xR9mGH7WDAfeJmHB2oeUk61cGTzyFliuyNxw-20A75FuRDR787xPek0KNX8B3wWVYR5Diow
Requested by
Host: 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
URL: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 06:28:31 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 288C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFATjFetkkBL9lQ096M45to&google_cver=1&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_JnovlvG6_A8Cz5jML9FIyte3o-OFtWZ31KEapohhtHq3
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_JnovlvG6_A8Cz5jML9FIyte3o-OFtWZ31KEapohhtHq3&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIwMzY5ODA4MjE4NTM1MDA0NQ%3D%3D&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_Jnov...
170 B
213 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIwMzY5ODA4MjE4NTM1MDA0NQ%3D%3D&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_JnovlvG6_A8Cz5jML9FIyte3o-OFtWZ31KEapohhtHq3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIwMzY5ODA4MjE4NTM1MDA0NQ%3D%3D&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_JnovlvG6_A8Cz5jML9FIyte3o-OFtWZ31KEapohhtHq3
date
Sun, 07 Mar 2021 06:28:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
cc.adingo.jp/adx/push/ Frame 288C
0
44 B
Image
General
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEJZvegQAm3rPyxeRAbmUAp0&google_cver=1&google_push=AQvitUIfYwANscoV8fWiapQgGLhBknmR1dOHETFguAjy5GKpD3ntwfdkXTlTMVlQ1yIqFLQyhave4eKwZixhcnJuvKSRVHS0CMHr
Requested by
Host: 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
URL: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.180.1.224 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:32 GMT
server
awselb/2.0
pixel
cm.g.doubleclick.net/ Frame 288C
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESEG5-0gevhPLECE61pOwQMO8&google_cver=1&google_push=AQvitULK-uDcCcEpHvCrlr2__YunlaDeIzzYhcs0AEe5i9PO3OTgAXquQcOqwDNCIaqAgO21jxlEH-W0ueBaYqOjmjSPB_JfWIKIUq8
  • https://ads.avads.net/sync/ggl?google_gid=CAESEG5-0gevhPLECE61pOwQMO8&google_cver=1&google_push=AQvitULK-uDcCcEpHvCrlr2__YunlaDeIzzYhcs0AEe5i9PO3OTgAXquQcOqwDNCIaqAgO21jxlEH-W0ueBaYqOjmjSPB_JfWIKIU...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YmNjZDM3YTYtMTFmZS00MjJmLTg4YzYtZmVkNjc0NDBkNjcy
170 B
190 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YmNjZDM3YTYtMTFmZS00MjJmLTg4YzYtZmVkNjc0NDBkNjcy
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YmNjZDM3YTYtMTFmZS00MjJmLTg4YzYtZmVkNjc0NDBkNjcy
date
Sun, 07 Mar 2021 06:28:31 GMT
x-envoy-upstream-service-time
6
server
istio-envoy
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 288C
0
223 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKvbm1inhZbxbtBH8q2Fm8kh5OMlkHdKfSYMAhqj0arDDlS95ty0OKhN8MJCdo3hY
Requested by
Host: 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
URL: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:30 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
eu7jfLqbA_SrKotVk2KNeEjSxiQIb3iw8Llt0poV4Fw.js
pagead2.googlesyndication.com/bg/ Frame A22D
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/eu7jfLqbA_SrKotVk2KNeEjSxiQIb3iw8Llt0poV4Fw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7aeee37cba9b03f4ab2a8b5593628d7848d2c624086f78b0f0b96dd29a15e05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 07:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
168626
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5632
x-xss-protection
0
expires
Sat, 05 Mar 2022 07:38:04 GMT
6033966c3751136e3b9ac7b2
c.bannerflow.net/a/ Frame 82DC
47 KB
16 KB
Script
General
Full URL
https://c.bannerflow.net/a/6033966c3751136e3b9ac7b2?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvRyiFdd_o9lEseeoVloODbvQGpJuk9qfa9lbWz7_P4SU6FOFRp0qfTExkPody1W7zVkBjBnc5h-QGFKZjXedd6Tzlett6sTe_lFxNlSk1GQag7LjxpV9euKvUKY4dLUhvsZrTIFUFm0-4ktCfjIDu92dQEpiIRRAafDRHmoAIGz3jSd4mf1gFImoKZPRITpaKx3ilG-Nv4P-ARxPM_US4pAKQq76Vcc1fuzPqF9WvsmmHKV2YIivotpe07qsNYX7AaA5UPpR0NzzMVw-H52p-TsJnjDwtrT-HWytJR1xBFngkooroQUCWN7nho5khK9BNFAdEmcBwnszlsw0poxUiJR2Fp7Bau52UixkAzHptbIPLgZU706iPmElHN8_mNBS3QsTomUs4zUJZAnU7FfdJZJ4AkkWUtCNQPbefCvP7EsvbnJ1E9g65XXXp7Gn5C_VEtCXYMId8X7y6W14GXaef3mvys0ZRogKOITggXag5CYi5jz_KshTgr4yAupOAu1vYV0Qmf9cKrNqG2AwuumjR-8yWX3Utx-ulzVhznsbfrlfBS3DGr5UYjjyTQg8k3R3toGFqD7MUPpKoMy6st8qg0vCOa7yd6x20vlkDkpyuF5JA4QWGHhbGyYQ-LFQ7DzBCqFLjouARmvxhzGxTyuky_FW0JP-HkJT4TIT33YTkonfuR9osn8B-CAwOvoJNJsnkAOVzOS8pQ1iL-ke1tiOXuvHgM28IxvZP8vp5vTF-oYz37oSCSSGIHHkQ2yvANtGtC9cJ8Ckyn2MDO971KyRpjspSj673gyryf5MR2ZGfxXduYhgP0Fna7V0ql61PxH4tqABHGzLnAqwj40ZRphG6fsayvhysspN5XPPtIvCGwZ6_o4ErDxozMcVzmlqIqa-KYyQ6JGBV-yxClqq-Vr9qRQZC40vh8EkSKav3Ee6qsiif00-QY9VcHy2PLi0QQSGHjIXxVP6IAg5fRJG3cmURXwd9DY86RHFCClcn8gmbRJTs_MKH9_WyXBUZMJHcb6mTVHVEG2YK7mKOC8if2V7J2YXAy2XC9MLfIH9Sz-kOKVf4VeykI2uC2UXQEIohwRUMBYg80DajgMq1L8TxQ3_EwCgiWgu9yxmRSNPmeEQ%26sig%3DCg0ArKJSzIB9BB7rYEvhEAE%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fad.atdmt.com%252Fc%252Fimg%253Badv%253D11312204782683%253Bec%253D11312204817403%253Badv.a%253D8240968%253Bc.a%253D25378858%253Bs.a%253D3447485%253Bp.a%253D296513903%253Ba.a%253D489835819%253Bcache%253D1105616665%253Bqpb%253D1%253B%253Fh%253Dhttps%253A%252F%252Fwww.home.saxo%252Fda-dk%252Fproducts%252Fstocks%253Fcmpid%253Ddisp_google_9988386936_101778303506_500179662659%2526dclid%253D%2525edclid!
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8240968/1613993611088/DK_Stocks_Track4_Tools-Denmark-728x90-637495904097655833-c7a4f078-f6bd-4ffb-a5ae-c84156c94b99.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a87d1742fea1badee591003c1a567eedd470524918d3d4d7f9a15935c4e98f3a

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cf-ray
62c1c39d39aa2c56-FRA
link
<https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/461389/607204/preload.jpg>; rel=preload; as=image
cf-request-id
08acf8964400002c568324e000000001
request-context
appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e
preload.jpg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/461389/607204/ Frame 82DC
701 B
1 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/461389/607204/preload.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fff143c2a39269ba1aeae88a6e416e80284a281ed1073ce60013a866dc69b50

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 07 Mar 2021 06:28:30 GMT
cf-cache-status
HIT
age
922644
content-length
701
cf-request-id
08acf8966e00002c568b2c0000000001
x-ms-lease-status
unlocked
last-modified
Mon, 22 Feb 2021 21:02:45 GMT
server
cloudflare
etag
0x8D8D77533E75504
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
f79a86e7-301e-0056-79b6-0a1cc9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62c1c39d79e12c56-FRA
cf-bgj
h2pri
widget.7c174be0cad5cd1a656c.js
c.bannerflow.net/scripts/ Frame 82DC
19 KB
6 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/widget.7c174be0cad5cd1a656c.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6033966c3751136e3b9ac7b2?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvRyiFdd_o9lEseeoVloODbvQGpJuk9qfa9lbWz7_P4SU6FOFRp0qfTExkPody1W7zVkBjBnc5h-QGFKZjXedd6Tzlett6sTe_lFxNlSk1GQag7LjxpV9euKvUKY4dLUhvsZrTIFUFm0-4ktCfjIDu92dQEpiIRRAafDRHmoAIGz3jSd4mf1gFImoKZPRITpaKx3ilG-Nv4P-ARxPM_US4pAKQq76Vcc1fuzPqF9WvsmmHKV2YIivotpe07qsNYX7AaA5UPpR0NzzMVw-H52p-TsJnjDwtrT-HWytJR1xBFngkooroQUCWN7nho5khK9BNFAdEmcBwnszlsw0poxUiJR2Fp7Bau52UixkAzHptbIPLgZU706iPmElHN8_mNBS3QsTomUs4zUJZAnU7FfdJZJ4AkkWUtCNQPbefCvP7EsvbnJ1E9g65XXXp7Gn5C_VEtCXYMId8X7y6W14GXaef3mvys0ZRogKOITggXag5CYi5jz_KshTgr4yAupOAu1vYV0Qmf9cKrNqG2AwuumjR-8yWX3Utx-ulzVhznsbfrlfBS3DGr5UYjjyTQg8k3R3toGFqD7MUPpKoMy6st8qg0vCOa7yd6x20vlkDkpyuF5JA4QWGHhbGyYQ-LFQ7DzBCqFLjouARmvxhzGxTyuky_FW0JP-HkJT4TIT33YTkonfuR9osn8B-CAwOvoJNJsnkAOVzOS8pQ1iL-ke1tiOXuvHgM28IxvZP8vp5vTF-oYz37oSCSSGIHHkQ2yvANtGtC9cJ8Ckyn2MDO971KyRpjspSj673gyryf5MR2ZGfxXduYhgP0Fna7V0ql61PxH4tqABHGzLnAqwj40ZRphG6fsayvhysspN5XPPtIvCGwZ6_o4ErDxozMcVzmlqIqa-KYyQ6JGBV-yxClqq-Vr9qRQZC40vh8EkSKav3Ee6qsiif00-QY9VcHy2PLi0QQSGHjIXxVP6IAg5fRJG3cmURXwd9DY86RHFCClcn8gmbRJTs_MKH9_WyXBUZMJHcb6mTVHVEG2YK7mKOC8if2V7J2YXAy2XC9MLfIH9Sz-kOKVf4VeykI2uC2UXQEIohwRUMBYg80DajgMq1L8TxQ3_EwCgiWgu9yxmRSNPmeEQ%26sig%3DCg0ArKJSzIB9BB7rYEvhEAE%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fad.atdmt.com%252Fc%252Fimg%253Badv%253D11312204782683%253Bec%253D11312204817403%253Badv.a%253D8240968%253Bc.a%253D25378858%253Bs.a%253D3447485%253Bp.a%253D296513903%253Ba.a%253D489835819%253Bcache%253D1105616665%253Bqpb%253D1%253B%253Fh%253Dhttps%253A%252F%252Fwww.home.saxo%252Fda-dk%252Fproducts%252Fstocks%253Fcmpid%253Ddisp_google_9988386936_101778303506_500179662659%2526dclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
421c172f4f115ba30cbb6ad5b5b706c9084b2033f6a70a72efce5a20bf0689e9

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 07 Mar 2021 06:28:30 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
pXkbd1JIbXeaE8iX84dLIg==
age
1635562
cf-request-id
08acf8968000002c56c1030000000001
x-ms-lease-status
unlocked
last-modified
Thu, 11 Feb 2021 08:49:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
39e402be-601e-0074-133b-04d9d6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
62c1c39d9a012c56-FRA
cf-bgj
minify
document.d792a387ab.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/461389/607204/ Frame 82DC
66 KB
10 KB
Script
General
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/461389/607204/document.d792a387ab.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6033966c3751136e3b9ac7b2?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvRyiFdd_o9lEseeoVloODbvQGpJuk9qfa9lbWz7_P4SU6FOFRp0qfTExkPody1W7zVkBjBnc5h-QGFKZjXedd6Tzlett6sTe_lFxNlSk1GQag7LjxpV9euKvUKY4dLUhvsZrTIFUFm0-4ktCfjIDu92dQEpiIRRAafDRHmoAIGz3jSd4mf1gFImoKZPRITpaKx3ilG-Nv4P-ARxPM_US4pAKQq76Vcc1fuzPqF9WvsmmHKV2YIivotpe07qsNYX7AaA5UPpR0NzzMVw-H52p-TsJnjDwtrT-HWytJR1xBFngkooroQUCWN7nho5khK9BNFAdEmcBwnszlsw0poxUiJR2Fp7Bau52UixkAzHptbIPLgZU706iPmElHN8_mNBS3QsTomUs4zUJZAnU7FfdJZJ4AkkWUtCNQPbefCvP7EsvbnJ1E9g65XXXp7Gn5C_VEtCXYMId8X7y6W14GXaef3mvys0ZRogKOITggXag5CYi5jz_KshTgr4yAupOAu1vYV0Qmf9cKrNqG2AwuumjR-8yWX3Utx-ulzVhznsbfrlfBS3DGr5UYjjyTQg8k3R3toGFqD7MUPpKoMy6st8qg0vCOa7yd6x20vlkDkpyuF5JA4QWGHhbGyYQ-LFQ7DzBCqFLjouARmvxhzGxTyuky_FW0JP-HkJT4TIT33YTkonfuR9osn8B-CAwOvoJNJsnkAOVzOS8pQ1iL-ke1tiOXuvHgM28IxvZP8vp5vTF-oYz37oSCSSGIHHkQ2yvANtGtC9cJ8Ckyn2MDO971KyRpjspSj673gyryf5MR2ZGfxXduYhgP0Fna7V0ql61PxH4tqABHGzLnAqwj40ZRphG6fsayvhysspN5XPPtIvCGwZ6_o4ErDxozMcVzmlqIqa-KYyQ6JGBV-yxClqq-Vr9qRQZC40vh8EkSKav3Ee6qsiif00-QY9VcHy2PLi0QQSGHjIXxVP6IAg5fRJG3cmURXwd9DY86RHFCClcn8gmbRJTs_MKH9_WyXBUZMJHcb6mTVHVEG2YK7mKOC8if2V7J2YXAy2XC9MLfIH9Sz-kOKVf4VeykI2uC2UXQEIohwRUMBYg80DajgMq1L8TxQ3_EwCgiWgu9yxmRSNPmeEQ%26sig%3DCg0ArKJSzIB9BB7rYEvhEAE%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fad.atdmt.com%252Fc%252Fimg%253Badv%253D11312204782683%253Bec%253D11312204817403%253Badv.a%253D8240968%253Bc.a%253D25378858%253Bs.a%253D3447485%253Bp.a%253D296513903%253Ba.a%253D489835819%253Bcache%253D1105616665%253Bqpb%253D1%253B%253Fh%253Dhttps%253A%252F%252Fwww.home.saxo%252Fda-dk%252Fproducts%252Fstocks%253Fcmpid%253Ddisp_google_9988386936_101778303506_500179662659%2526dclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ea8115d7b9e0a1b0a64d19f2ef526c2e13d0eff34099a38e0fb86bdd53bb69

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 07 Mar 2021 06:28:30 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
15Kjh6tyE0T553acQhiTvw==
age
922644
cf-polished
origSize=71878
cf-request-id
08acf8968000002c566c04e000000001
x-ms-lease-status
unlocked
last-modified
Mon, 22 Feb 2021 21:02:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
67f5ede3-b01e-0048-7bb6-0af011000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
62c1c39d9a022c56-FRA
cf-bgj
minify
animated-creative.c5b76fb64da6d2dc7532.js
c.bannerflow.net/scripts/ Frame 82DC
118 KB
36 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/animated-creative.c5b76fb64da6d2dc7532.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6033966c3751136e3b9ac7b2?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvRyiFdd_o9lEseeoVloODbvQGpJuk9qfa9lbWz7_P4SU6FOFRp0qfTExkPody1W7zVkBjBnc5h-QGFKZjXedd6Tzlett6sTe_lFxNlSk1GQag7LjxpV9euKvUKY4dLUhvsZrTIFUFm0-4ktCfjIDu92dQEpiIRRAafDRHmoAIGz3jSd4mf1gFImoKZPRITpaKx3ilG-Nv4P-ARxPM_US4pAKQq76Vcc1fuzPqF9WvsmmHKV2YIivotpe07qsNYX7AaA5UPpR0NzzMVw-H52p-TsJnjDwtrT-HWytJR1xBFngkooroQUCWN7nho5khK9BNFAdEmcBwnszlsw0poxUiJR2Fp7Bau52UixkAzHptbIPLgZU706iPmElHN8_mNBS3QsTomUs4zUJZAnU7FfdJZJ4AkkWUtCNQPbefCvP7EsvbnJ1E9g65XXXp7Gn5C_VEtCXYMId8X7y6W14GXaef3mvys0ZRogKOITggXag5CYi5jz_KshTgr4yAupOAu1vYV0Qmf9cKrNqG2AwuumjR-8yWX3Utx-ulzVhznsbfrlfBS3DGr5UYjjyTQg8k3R3toGFqD7MUPpKoMy6st8qg0vCOa7yd6x20vlkDkpyuF5JA4QWGHhbGyYQ-LFQ7DzBCqFLjouARmvxhzGxTyuky_FW0JP-HkJT4TIT33YTkonfuR9osn8B-CAwOvoJNJsnkAOVzOS8pQ1iL-ke1tiOXuvHgM28IxvZP8vp5vTF-oYz37oSCSSGIHHkQ2yvANtGtC9cJ8Ckyn2MDO971KyRpjspSj673gyryf5MR2ZGfxXduYhgP0Fna7V0ql61PxH4tqABHGzLnAqwj40ZRphG6fsayvhysspN5XPPtIvCGwZ6_o4ErDxozMcVzmlqIqa-KYyQ6JGBV-yxClqq-Vr9qRQZC40vh8EkSKav3Ee6qsiif00-QY9VcHy2PLi0QQSGHjIXxVP6IAg5fRJG3cmURXwd9DY86RHFCClcn8gmbRJTs_MKH9_WyXBUZMJHcb6mTVHVEG2YK7mKOC8if2V7J2YXAy2XC9MLfIH9Sz-kOKVf4VeykI2uC2UXQEIohwRUMBYg80DajgMq1L8TxQ3_EwCgiWgu9yxmRSNPmeEQ%26sig%3DCg0ArKJSzIB9BB7rYEvhEAE%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fad.atdmt.com%252Fc%252Fimg%253Badv%253D11312204782683%253Bec%253D11312204817403%253Badv.a%253D8240968%253Bc.a%253D25378858%253Bs.a%253D3447485%253Bp.a%253D296513903%253Ba.a%253D489835819%253Bcache%253D1105616665%253Bqpb%253D1%253B%253Fh%253Dhttps%253A%252F%252Fwww.home.saxo%252Fda-dk%252Fproducts%252Fstocks%253Fcmpid%253Ddisp_google_9988386936_101778303506_500179662659%2526dclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50bf11088effbe4314810d8309a06a72c33e9cabaf234f50aef9052650292868

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 07 Mar 2021 06:28:30 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
1D0DVJrg2DGWBxj6ufkdMg==
age
1965141
cf-polished
origSize=121294
cf-request-id
08acf8968000002c567bbb8000000001
x-ms-lease-status
unlocked
last-modified
Fri, 12 Feb 2021 12:08:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
699250a4-a01e-0036-273b-016056000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
62c1c39d9a032c56-FRA
cf-bgj
minify
gen_204
pagead2.googlesyndication.com/pagead/ Frame A22D
0
46 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqTDKjnJEYNftFJSIgAfHpbL4BQAAAAA4AeAEAg&bg=!39yl3J_NAAWsVXnBrDsAKQB2-Dxa1yAsxUT_syetyy7m_vvdrnMlpIg8D6A0JT3mDyjz7aocAf5QAgAAAHlSAAAADWgBB5kC9be5VRXTgnSWdnd_uNAaz0-ZIZQb9tGM_uQcbsPX7O7cilYAxy4hJaABRfyu9k2l0Oj9j858QiSk3GW_pdDm6qCUP5lOK2HTjsGjGplcG4XuMiTIr0wEXw-U7b_i0tO-FF8MlP1BQ9dprSI1VqkqQ7iJvrxb7dm5zkrs-YlSgfD9thPYcUHIS2pxyQMuVCtzQ3xm8RyiLx3BVU4CVLKd9aABz5U8xzEwylk2kVoOXjRayCYlHvb9GkSm1a5B-1pBa1_mY-Ze9sP2m5KKFQlNjENAfBHMXfGtaFy_gyb1BjDyBdHs0wy48CYCLBvroGV_7gaCud0gJDENqemZOToAOQaaURgVTv9yDvIeYV-VXIE-WKwP1G-NvoAzmz8H3kH4KnmfgCSi1xx-t3oC7fK-7bzQSEZSWptWBgGukGfiAqhHphlwZ5i8HiScgmQSnSpDFr41dJeiYtWXyVv33lssMhNhDYX9_lYRx5vwUn-LVROk4ZM5xDj2RJn0yKjIKMzfGCsMebp3Ge9frWTmqkn1pUhWd1r3DrpHU5exBU4IgMjyBJLi1RcYYKtQRBW5JLn8C2dT8jKOEugJ1wMJ9y6SMWKya3niDnt27BKCBVe5tMlG_ZbZ3JE0sHoxKr9w4ssqaPfADOyCSYDhfjHC0lA6mHOfXSO5M5lkhKVNsMQ_FA_Ei9hODQtICKAWazXU5lYR1wHhfBWqsBzp0Cz3S0k1oXVlSHPFtxVz4C2c4OImP1h2ghJa6OD1qwdGKMQ0H_rDuip-iFEtq2ucSHBKYc_MiDq9Fdq2PpF8TlVCYPV5wNg90P_V6JzElCt6yirLzehAOr65sIDxnp19nXQ75h88ZoKh46FY-GI1wh0GYqwfWk-fpoeWfVkI3oiS4bHfS-MdM72QsUkWxJLxyq-JozD1BAc87wi5dXKBQNy3qcRqUF45Y-mW700Otf6BcLfCFchhXnJw5-Phlzd11VIgYivawXlASPcuky0h3oGLzuWWGlxJvj1TKS0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 82DC
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
font
c.bannerflow.net/fs/api/v2/ Frame 82DC
7 KB
7 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F48143311-bbb8-4b5b-aab6-8b95e2d0fe50.woff&t=%20BFHIabdefghijklmnoprstuvy%C3%A5%C3%A6%C3%B8
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8240968/1613993611088/DK_Stocks_Track4_Tools-Denmark-728x90-637495904097655833-c7a4f078-f6bd-4ffb-a5ae-c84156c94b99.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe222c3473810d3c513a22703603cf2a641a2ff01755010fd5b78d896328d421

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:31 GMT
cf-cache-status
HIT
server
cloudflare
age
922641
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=48143311-bbb8-4b5b-aab6-8b95e2d0fe50-subset.woff
cf-ray
62c1c39ec8250625-FRA
cf-request-id
08acf8973e0000062522236000000001
expires
Thu, 24 Feb 2022 14:11:10 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 82DC
18 KB
18 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%20%2C.HVacdefhiklmnoprstu%C3%A5%C3%A6%C3%B8
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8240968/1613993611088/DK_Stocks_Track4_Tools-Denmark-728x90-637495904097655833-c7a4f078-f6bd-4ffb-a5ae-c84156c94b99.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75ad2a295a91a452e7e1c8f07d9c31e5abbd1995eec3a5377a8593dbb658db39

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:31 GMT
cf-cache-status
HIT
server
cloudflare
age
922681
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
62c1c39ec8260625-FRA
cf-request-id
08acf8973e000006251e986000000001
expires
Thu, 24 Feb 2022 14:10:30 GMT
async_usersync
ib.adnxs.com/ Frame 9C00
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Mar 2021 06:28:31 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.234:80
AN-X-Request-Uuid
d76f2572-c2b9-4fee-9359-8db3d743d36c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ae8ec1df-88f9-4ce2-a73b-9034d02f3b5f.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame EC88
3 KB
1 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ae8ec1df-88f9-4ce2-a73b-9034d02f3b5f.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d63707338a0258a11cbf7600dce37035688c1f9e7b84494b75e8252c8be68bc0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 07 Mar 2021 06:28:31 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
geO0p72xIm1+eBK8Ul7/9Q==
age
6158
cf-request-id
08acf8977900002c56be9a9000000001
x-ms-lease-status
unlocked
last-modified
Fri, 23 Oct 2020 12:29:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
728e9418-701e-0057-6c41-044315000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
62c1c39f2b5e2c56-FRA
lottie.min.js
shared.bannerflow.com/libs/lottie/ Frame FF5F
245 KB
76 KB
Script
General
Full URL
https://shared.bannerflow.com/libs/lottie/lottie.min.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.7c174be0cad5cd1a656c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.192 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 07 Mar 2021 06:28:31 GMT
content-encoding
gzip
last-modified
Tue, 03 Dec 2019 09:22:06 GMT
server
NetDNA-cache/2.2
content-md5
3jN+4HvsftV/jNd4P/RFbA==
etag
W/"0x8D777D243C9FCFD"
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*, *
x-ms-request-id
a7e4b218-401e-0137-1d8c-122b49000000
x-ms-version
2014-02-14
x-ms-lease-state
available
pixel
c.bannerflow.net/tr/v2/ Frame 82DC
0
312 B
Other
General
Full URL
https://c.bannerflow.net/tr/v2/pixel
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6033966c3751136e3b9ac7b2?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvRyiFdd_o9lEseeoVloODbvQGpJuk9qfa9lbWz7_P4SU6FOFRp0qfTExkPody1W7zVkBjBnc5h-QGFKZjXedd6Tzlett6sTe_lFxNlSk1GQag7LjxpV9euKvUKY4dLUhvsZrTIFUFm0-4ktCfjIDu92dQEpiIRRAafDRHmoAIGz3jSd4mf1gFImoKZPRITpaKx3ilG-Nv4P-ARxPM_US4pAKQq76Vcc1fuzPqF9WvsmmHKV2YIivotpe07qsNYX7AaA5UPpR0NzzMVw-H52p-TsJnjDwtrT-HWytJR1xBFngkooroQUCWN7nho5khK9BNFAdEmcBwnszlsw0poxUiJR2Fp7Bau52UixkAzHptbIPLgZU706iPmElHN8_mNBS3QsTomUs4zUJZAnU7FfdJZJ4AkkWUtCNQPbefCvP7EsvbnJ1E9g65XXXp7Gn5C_VEtCXYMId8X7y6W14GXaef3mvys0ZRogKOITggXag5CYi5jz_KshTgr4yAupOAu1vYV0Qmf9cKrNqG2AwuumjR-8yWX3Utx-ulzVhznsbfrlfBS3DGr5UYjjyTQg8k3R3toGFqD7MUPpKoMy6st8qg0vCOa7yd6x20vlkDkpyuF5JA4QWGHhbGyYQ-LFQ7DzBCqFLjouARmvxhzGxTyuky_FW0JP-HkJT4TIT33YTkonfuR9osn8B-CAwOvoJNJsnkAOVzOS8pQ1iL-ke1tiOXuvHgM28IxvZP8vp5vTF-oYz37oSCSSGIHHkQ2yvANtGtC9cJ8Ckyn2MDO971KyRpjspSj673gyryf5MR2ZGfxXduYhgP0Fna7V0ql61PxH4tqABHGzLnAqwj40ZRphG6fsayvhysspN5XPPtIvCGwZ6_o4ErDxozMcVzmlqIqa-KYyQ6JGBV-yxClqq-Vr9qRQZC40vh8EkSKav3Ee6qsiif00-QY9VcHy2PLi0QQSGHjIXxVP6IAg5fRJG3cmURXwd9DY86RHFCClcn8gmbRJTs_MKH9_WyXBUZMJHcb6mTVHVEG2YK7mKOC8if2V7J2YXAy2XC9MLfIH9Sz-kOKVf4VeykI2uC2UXQEIohwRUMBYg80DajgMq1L8TxQ3_EwCgiWgu9yxmRSNPmeEQ%26sig%3DCg0ArKJSzIB9BB7rYEvhEAE%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fad.atdmt.com%252Fc%252Fimg%253Badv%253D11312204782683%253Bec%253D11312204817403%253Badv.a%253D8240968%253Bc.a%253D25378858%253Bs.a%253D3447485%253Bp.a%253D296513903%253Ba.a%253D489835819%253Bcache%253D1105616665%253Bqpb%253D1%253B%253Fh%253Dhttps%253A%252F%252Fwww.home.saxo%252Fda-dk%252Fproducts%252Fstocks%253Fcmpid%253Ddisp_google_9988386936_101778303506_500179662659%2526dclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Mar 2021 06:28:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
cf-ray
62c1c3a0bca52c56-FRA
content-length
0
cf-request-id
08acf8987300002c56c8b63000000001
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
activeview
pagead2.googlesyndication.com/pcs/ Frame DD07
42 B
479 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWJAJwLyDX2nAIcd14y0Q6c1MaRrIObiyMaSojsj_LnHCV51SqiTKg-wzLpKMZIy-lfIpXEUgtLPkPD0EMHGB8G69MnVHDDpAx8Yx8AUj3JG3nqbcKFFpcrkfZj3jjBxlfwcbawcV6aJBkMCJXCdYv6Fl-R-Zmj3ePH9-Uxaey_6rXyn5D0bzcrw1XD5t3RA&sai=AMfl-YQp_W9c5zhhmf5w2Qw8zBKZAnfJB8Q85Jqv51HD_Ki0jns5qz_w5tbExw7x63sn6j7_QI2N-5F9HncN4AsnU-1gKLqeaWTLqM0gupFca_YGzVyjDxdbu7YKSxk&sig=Cg0ArKJSzNDgZ1oIumR-EAE&cid=CAASF-Rowxuc9prbfaDoJNO5skeEs17CBnID&id=osdim&mcvt=1002&p=1101,436,1191,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3090211009&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1615098510635&dlt=40&rpt=188&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
updowntoday.com/porpoiseant/
0
42 B
XHR
General
Full URL
https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:31 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:31 UTC
rochester.js
updowntoday.com/detroitchicago/
2 KB
831 B
Script
General
Full URL
https://updowntoday.com/detroitchicago/rochester.js?gcb=192-0&cb=3
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
90942d87197e5381d7af4f6671567ac8250d322999792aab578073016b5ad0e5

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:32 GMT
content-encoding
br
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
798
edmonton.webp
updowntoday.com/detroitchicago/
14 KB
4 KB
Script
General
Full URL
https://updowntoday.com/detroitchicago/edmonton.webp?a=a&cb=192-0&shcb=34
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:32 GMT
content-encoding
br
server
nginx/1.16.0
cache-control
max-age=31536000
x-robots-tag
noindex
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
vitals.js
updowntoday.com/tardisrocinante/
5 KB
2 KB
Script
General
Full URL
https://updowntoday.com/tardisrocinante/vitals.js?gcb=0&cb=3
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
26b4485584314aa0850427462143a6a28b66c982db28deb42766214fad7744c7

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:32 GMT
content-encoding
br
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
1701
army.gif
updowntoday.com/porpoiseant/
0
19 B
XHR
General
Full URL
https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyMTgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2NTU0IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidW5pdCI6ImRpdi1ncHQtYWQtdXBkb3dudG9kYXlfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRLIiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTA1In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:32 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:31 UTC
army.gif
updowntoday.com/porpoiseant/
0
42 B
XHR
General
Full URL
https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils5NzAsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTc1NCIsImRvbWFpbl9pZCI6IjI0NDg3MSIsInVuaXQiOiJkaXYtZ3B0LWFkLXVwZG93bnRvZGF5X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJESyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTc1NCIsImRvbWFpbl9pZCI6IjI0NDg3MSIsInVuaXQiOiJkaXYtZ3B0LWFkLXVwZG93bnRvZGF5X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJESyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:32 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:32 UTC
imp.gif
updowntoday.com/detroitchicago/
43 B
128 B
XHR
General
Full URL
https://updowntoday.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A5%2C%22ad_location_ids%22%3A%226%2C5%2C1%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A2%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A1%2C%22city%22%3A%22Copenhagen%22%2C%22country%22%3A%22DK%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A244871%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A2%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1109%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22a7eff552-bc28-49d3-4554-dbc60a0a86d7%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%222750%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A8857%2C%22response_time_orig%22%3A11%2C%22serverid%22%3A%2218.157.168.151%3A17739%22%2C%22state%22%3A%2284%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1109%22%2C%22t_epoch%22%3A1615098506%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fupdowntoday.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A122%2C%22worst_bad_word_level%22%3A0%7D
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:32 GMT
content-encoding
br
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/gif
x-middleton-display
imp_sol
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
47
greenoaks.gif
updowntoday.com/detroitchicago/
0
19 B
XHR
General
Full URL
https://updowntoday.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDMtMDcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI3In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjAifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTYwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiZGF0YSI6W3sibmFtZSI6Imxhbmd1YWdlX3RhZyIsInZhbCI6ImVuLVVTIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiZGF0YSI6W3sibmFtZSI6Imxhbmd1YWdlX3ByaW1hcnlfc3VidGFnIiwidmFsIjoiZW4ifV19XQ==
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:32 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:32 UTC
greenoaks.gif
updowntoday.com/detroitchicago/
0
42 B
XHR
General
Full URL
https://updowntoday.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImRvbWFpbl9pZCI6IjI0NDg3MSIsInRfZXBvY2giOjE2MTUwOTg1MDYsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjEzMSJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMjc3In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIxOSJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIxNzQifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIxNzUifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiNjIzIn1dfV0=
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:32 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:33 UTC
greenoaks.gif
updowntoday.com/detroitchicago/
0
19 B
XHR
General
Full URL
https://updowntoday.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiI0MzgifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjQzOCJ9XX1d
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:32 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:31 UTC
greenoaks.gif
updowntoday.com/detroitchicago/
0
19 B
XHR
General
Full URL
https://updowntoday.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiI5LjYifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfV0=
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:32 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:32 UTC
SPug
simage4.pubmatic.com/AdServer/ Frame 963B
0
418 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156983&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 06:23:06 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
greenoaks.gif
updowntoday.com/detroitchicago/
0
42 B
XHR
General
Full URL
https://updowntoday.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6Ijc1MDAwIn0seyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjIifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX3B4IiwidmFsIjoiMTYyMzAwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfY291bnQiLCJ2YWwiOiIyIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6InZpZXdwb3J0X3NpemUiLCJ2YWwiOiIxNjAweDEyMDAifSx7Im5hbWUiOiJ2aWV3cG9ydF9weCIsInZhbCI6IjE5MjAwMDAifSx7Im5hbWUiOiJkb2NfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX2hlaWdodCIsInZhbCI6IjEyMDAifV19XQ==
Requested by
Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://updowntoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 06:28:34 GMT
server
nginx/1.16.0
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Sat, 06 Mar 2021 06:28:33 UTC
dc_oe=ChMI1-zx58ad7wIVFATgCh3HkgxfEAEYACCmxu1F;met=1;&timestamp=1615098520906;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame DD07
42 B
498 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1-zx58ad7wIVFATgCh3HkgxfEAEYACCmxu1F;met=1;&timestamp=1615098520906;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 06:28:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| __ez string| __sellerid string| ezogtk function| processGoogleToken object| __banger_pmp_deals object| _ebcids number| ezobv function| ez_isclean object| ezSlotKVStore function| ezSetSlotTargeting function| ezGetSlotById object| ez_queue function| sort_queue function| execute_ez_queue function| ez_write_tag function| in_array object| ezrpos undefined| ez_current_interval number| ez_current_load function| __ez_fad_load boolean| __ez_fad_floatshowd function| __ez_fad_floatshow object| __ez_fad_initslot object| ezslit_run object| __ez_fad_divs number| __ez_fad_vw number| __ez_fad_vh function| __ez_fad_visible function| __ez_fad_position object| ez_ad_units object| ezslots object| ezsrqt object| epbjs boolean| __enableAnalytics object| ezorbf boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad object| googletag object| ezoibfh object| ezaxmns object| ezaucmns function| ezogetbrkey boolean| ezoll string| ezoadxnc function| ezorefgsl boolean| ezoicTestActive object| _ezaq object| _ezim_d object| _ezat function| epbjsChunk object| _pbjsGlobals object| adsbygoogle string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| create_ezolpl function| attach_ezolpl boolean| cmpIsOn function| $ function| jQuery boolean| __inScopeForCCPA function| __uspapi function| __receiveUspapiMessage function| __ez_tkn_evnt string| ggv2id function| rFunc object| ezRBA undefined| __ez_dims boolean| ezCanEngagePage object| cmpCookies object| __ezCmpConfig function| setImmediate function| clearImmediate object| nunjucksPrecompiled object| ezCMP function| uglipop function| ezoChar function| ezoCharSize function| epbjsRequestAdUnits function| epbjsRefreshSlot function| __ezDotData object| __ezcl string| ezoScriptHost function| ll string| lI boolean| l1l string| scriptHostDomain undefined| scriptTag function| EzoicBanger object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL function| ezosethbbids boolean| lIlI1 number| lIlII function| ezogallbs function| EzoicA function| EzoicAS object| ezomash function| ezbanger function| ezvb function| ezsr function| ezoSyncToDfp function| ezoGetDFPSlot boolean| success object| Criteo object| ggeac object| google_js_reporting_queue function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| ct object| ezdent object| ezDenty object| ezmt object| ezua object| ezuxgoals function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| ezslot_0 object| ezslot_1 object| google_reactive_ads_global_state object| ezslot_interstitial object| googleToken object| googleIMState number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| ggevents undefined| bean object| GUMGUM boolean| ezowwinit number| ezouspvv string| slotElName number| bid_val object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests object| slots string| slot object| ggData object| criteo_pubtag object| criteo_pubtag_prebid_105 object| Criteo_prebid_105 object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb string| l1l1 object| vitalsFired object| metricNameMap function| ezlogVital object| webVitals function| _ez_TOS_TrackEvent number| ez_tos_track_count number| ez_last_activity_count object| ezux object| riveted object| perf_vals

19 Cookies

Domain/Path Name / Value
updowntoday.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
updowntoday.com/ Name: cto_bidid
Value: 1m7kbF9ha0R2R1dYNnkyN05SVVJmTGxTMHV1SnRMZyUyRkVRSXBrb1BObE03Y0dlcnFhYjZ1dU5Kcm1KbHolMkZZcHVibjkwcGtTRWJJb1ZqTFQ0WEJWUzJFTzlqQ3clM0QlM0Q
updowntoday.com/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
updowntoday.com/ Name: cto_bundle
Value: YwvbZV9oYWY5NEMzNDMlMkJ6Y3RiMVhueFE5eUo4V0lZQnM0UXRraU1oRkphWUxJYmlwc2UwRGMwYkYlMkJkbE1KdnNOSzlrTnRINGxDS2h4VXFoUWk3JTJGdjA0VUJJNEI4NWNqb3RwMWpQc1ZSQkhIWVNjdFRDaWM1N2ttQ0FnSlVCdTJWaFZFUg
.updowntoday.com/ Name: ezCMPCCS
Value: false
.updowntoday.com/ Name: active_template::244871
Value: pub_site.1615098506
.updowntoday.com/ Name: ezovuuidtime_244871
Value: 1615098506
updowntoday.com/ Name: ezouspvv
Value: 0
.updowntoday.com/ Name: ezovid_244871
Value: 1600165624
updowntoday.com/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
.updowntoday.com/ Name: lp_244871
Value: https://updowntoday.com/
.updowntoday.com/ Name: ezepvv
Value: 0
updowntoday.com/ Name: ezouspva
Value: 0
.updowntoday.com/ Name: ezopvc_244871
Value: 1
updowntoday.com/ Name: PHPSESSID
Value: i37r9g1esibaed7fvd67ankq45
.updowntoday.com/ Name: ezoab_244871
Value: mod54
.updowntoday.com/ Name: ezoref_244871
Value:
.updowntoday.com/ Name: ezoadgid_244871
Value: -1
.updowntoday.com/ Name: ezovuuid_244871
Value: dfb08f56-a679-467b-75a5-afe5ed673475

1 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://updowntoday.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
a.tribalfusion.com
acdn.adnxs.com
ad.atdmt.com
ad.turn.com
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.avads.net
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.dk
aud.pubmatic.com
bh.contextweb.com
bidder.criteo.com
c.bannerflow.net
c1.adform.net
cc.adingo.jp
cdn.ampproject.org
cm.adgrx.com
cm.g.doubleclick.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.adkernel.com
eb2.3lift.com
ezodn.com
fonts.googleapis.com
fonts.gstatic.com
g.ezodn.com
g.ezoic.net
g2.gumgum.com
gcm.ctnsnet.com
go.ezodn.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js.gumgum.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
shared.bannerflow.com
simage2.pubmatic.com
simage4.pubmatic.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
updowntoday.com
ups.analytics.yahoo.com
visitor.fiftyt.com
www.google.com
www.googletagservices.com
www.updowntoday.com
x.bidswitch.net
108.161.188.192
136.144.59.88
142.250.185.98
142.250.186.34
142.250.186.66
142.250.186.98
143.204.209.27
151.101.113.108
151.101.114.49
159.253.128.183
159.65.197.210
173.231.180.197
174.137.133.49
178.250.0.165
178.250.2.146
178.250.2.151
18.156.0.31
18.156.95.187
18.180.1.224
18.195.54.133
185.29.133.52
185.33.221.90
185.64.189.110
185.64.189.112
185.64.189.114
185.64.190.106
185.64.190.78
188.165.137.78
198.148.27.139
199.232.137.44
2.18.233.180
2001:678:cb4:bbbb::11
213.155.156.168
213.19.147.150
213.19.147.151
2606:4700:10::ac43:db6
2606:4700:3034::ac43:a5bb
2606:4700:3037::6815:59e2
2606:4700::6810:c40
2606:4700::6812:c05
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:12::1370
2a03:2880:f006:2:face:b00c:0:8c
3.124.142.110
3.125.253.138
3.126.196.163
3.127.92.82
34.98.107.212
35.186.193.173
35.201.96.126
35.205.207.25
35.227.248.159
37.157.6.251
51.89.9.251
52.16.108.17
52.57.49.235
54.228.192.197
54.36.109.166
63.33.123.138
66.155.71.25
77.243.60.138
85.114.159.93
0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
08375cebca0d36f2fa3ec9e027a974146af7161553e4319a418d4cee6b38bed7
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1b68431bd479f66f60cca8fef9520547c0f28390680174d8b36c5591085e8393
1b6ddd3072f67cdb7e9884779bddc6779ec3fcb66496f3276dc0eab78d842cce
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319
21537244b96141ab4ea8c05f51cbe9a7c8d722b9044028943996246d5c6d5cf6
26b4485584314aa0850427462143a6a28b66c982db28deb42766214fad7744c7
2cc09b0d82fa5d05aef18c5468f24d943431683c73266d6a46c8f16325b23620
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
311a42892bf475bb07fdef468183033b4ed1279be748f72784859988fbd023c6
33302d9da48d1fa1f5ce3548ebf2930999bc9542488997e19cb2fe9ac284273c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38e22a9da44d362f72a06246a2653d10f24cb3c8062ab3d63c93273cb41f212f
38f07c7160e5dc7c2623e4150a4b1929e9d259db9f64c8e1e5bc25e5b2dd47f3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40b47f8f2a8aa15e80567ce7d818f9b3a51c99adb6ef60f61fbc475c316166fa
4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538
421c172f4f115ba30cbb6ad5b5b706c9084b2033f6a70a72efce5a20bf0689e9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4c20c2747553616cbc08aa2f877b3c3ce8ffe7168a81e7cc9b0794202d1cbae8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2fe837fac57d5caa2d862fa289ddac23bb6c2bd37fedecf79ced48cb663c34
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f8dd1d1ec248bc933c041dcb0e7ae8e254f3e2ad9f49de259ae2cdacf913266
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50bf11088effbe4314810d8309a06a72c33e9cabaf234f50aef9052650292868
51e11a7c55044e36f2ce0f57235975cdd61ea8176e65edf0867925cc2ae784e1
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad
68197ac5c5260bd2d7bf01b44c6828edba8f9a961771de44dc3fecebd98b2cf2
6a269449dc9a2b38af97bf0d5d04aae94d19d69e1d62f728628de3554e2678e7
73659609288d7036477f63d33e6c3e8575c40a6a1c849b6153b4bd7e0baf710f
75ad2a295a91a452e7e1c8f07d9c31e5abbd1995eec3a5377a8593dbb658db39
7aeee37cba9b03f4ab2a8b5593628d7848d2c624086f78b0f0b96dd29a15e05c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fff143c2a39269ba1aeae88a6e416e80284a281ed1073ce60013a866dc69b50
82c8dceb6b0ac37e43dd6870591ed3a1025fe642ffc706a9a116027c600806c7
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
89bf3de8570a10482ca91e099cef7e17d0d7d3c79cea977d13b48d76d77400c3
8c2cef937c83d593f0ab8cc696a2015b06d0894547ad10445b14e17e14674c8f
90942d87197e5381d7af4f6671567ac8250d322999792aab578073016b5ad0e5
909dde01f9dbb1039af7e3bb99e8e90a0d6e1831d1e056121b2c092b8966abe5
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73b5e53a22a20b8b935fe91df39d9cdbbd69b16b94372dc6c2a07137b3b89c0
a7c4efd1f41f3683d4845c653d5166988897616f79951568dad9323c26f2d6f3
a87d1742fea1badee591003c1a567eedd470524918d3d4d7f9a15935c4e98f3a
b0ea8115d7b9e0a1b0a64d19f2ef526c2e13d0eff34099a38e0fb86bdd53bb69
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b930a131bce632e30468d53ba640c7ef7e4fe27e45b7365067bcb5fe509b58e7
bd91996ae2e8edb6395b041cc66625a0c1e02a322e90ff0a7c208f8b8f6d4157
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c80203c7eae413cecc09a4ed0974e31a8538060cddd5bc1f1a5bfa53db672c9e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d679ac84ecc9a5b589e84f21c81e8d7e49bf01d5b38ec3e6ff86c47e623e72
d2ec856bb58188dd2dfea5848df664d4b65f51c7a459449b294c59b367eff9b2
d63707338a0258a11cbf7600dce37035688c1f9e7b84494b75e8252c8be68bc0
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b92530616ddbefbed0e825e094cd914f17ae899b42152f17028a0073f5eb62
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f69dfe383fe0ef66df2c8de098fda546a826801c150ec22e7e09b8020b221dae
f8e041458975e71884aecd7832fab1a496aff1c38af68dbe47f7e7c084a7b6f7
fe222c3473810d3c513a22703603cf2a641a2ff01755010fd5b78d896328d421