updowntoday.com Open in urlscan Pro
3.126.196.163 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.updowntoday.com/
Effective URL:
https://updowntoday.com/
Submission: On March 07 via api (March 7th 2021, 6:28:47 am UTC) from US

Summary HTTP 173 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 54 IPs in 10 countries across 58 domains to perform 173 HTTP transactions. The main IP is 3.126.196.163, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is updowntoday.com.
TLS certificate: Issued by R3 on February 9th 2021. Valid for: 3 months.

This is the only time updowntoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	3.126.196.163 3.126.196.163	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::6815:59e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::ac43:a5bb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	143.204.209.27 143.204.209.27	16509 (AMAZON-02) (AMAZON-02)
1 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	3.124.142.110 3.124.142.110	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 5	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	18.156.95.187 18.156.95.187	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	63.33.123.138 63.33.123.138	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.36.109.166 54.36.109.166	16276 (OVH) (OVH)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.168 213.155.156.168	1299 (TELIANET ...) (TELIANET Telia Carrier)
1 21	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	54.228.192.197 54.228.192.197	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	188.165.137.78 188.165.137.78	16276 (OVH) (OVH)
2 2	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
4 4	52.16.108.17 52.16.108.17	16509 (AMAZON-02) (AMAZON-02)
1 1	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
1	173.231.180.197 173.231.180.197	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 2	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
2 2	3.127.92.82 3.127.92.82	16509 (AMAZON-02) (AMAZON-02)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
3 7	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.190.106 185.64.190.106	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2 2	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
1 1	185.29.133.52 185.29.133.52	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
3 3	18.195.54.133 18.195.54.133	16509 (AMAZON-02) (AMAZON-02)
2 2	3.125.253.138 3.125.253.138	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f00... 2a03:2880:f006:2:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	52.57.49.235 52.57.49.235	16509 (AMAZON-02) (AMAZON-02)
1	18.180.1.224 18.180.1.224	16509 (AMAZON-02) (AMAZON-02)
2 2	35.205.207.25 35.205.207.25	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6810:c40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.161.188.192 108.161.188.192	33438 (HIGHWINDS2) (HIGHWINDS2)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
173	54

41 3.126.196.163 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com

www.updowntoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
updowntoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:59e2 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:a5bb (United States)

ASN13335 (CLOUDFLARENET, US)

ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-27.fra53.r.cloudfront.net

js.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.142.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-142-110.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.90 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.95.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.123.138 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-123-138.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.166 (France)

ASN16276 (OVH, FR)
PTR: p10.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.192.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-192-197.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.137.78 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip78.ip-188-165-137.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.150 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.16.108.17 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.151 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-delivery-4.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.92.82 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.106 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.251 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.52 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.54.133 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.253.138 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f006:2:face:b00c:0:8c (United States)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.49.235 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.180.1.224 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.205.207.25 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:c40 (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.188.192 (United States)

ASN33438 (HIGHWINDS2, US)

shared.bannerflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	updowntoday.com 1 redirects www.updowntoday.com updowntoday.com	105 KB
28	pubmatic.com 1 redirects hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com aud.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	47 KB
26	googlesyndication.com 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	94 KB
15	doubleclick.net 3 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	154 KB
9	bannerflow.net c.bannerflow.net	96 KB
7	criteo.com 1 redirects gum.criteo.com mug.criteo.com bidder.criteo.com dis.criteo.com	2 KB
6	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	22 KB
6	google.com 1 redirects adservice.google.com www.google.com	1 KB
5	ampproject.org cdn.ampproject.org	99 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	2 KB
3	gumgum.com 1 redirects js.gumgum.com g2.gumgum.com rtb.gumgum.com	37 KB
3	ezodn.com go.ezodn.com ezodn.com g.ezodn.com	170 KB
2	avads.net 2 redirects ads.avads.net	613 B
2	3lift.com 2 redirects eb2.3lift.com	942 B
2	2mdn.net s0.2mdn.net	41 KB
2	googletagservices.com www.googletagservices.com	62 KB
2	dotomi.com pubmatic-match.dotomi.com dclk-match.dotomi.com	207 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	724 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	adform.net 2 redirects c1.adform.net	823 B
2	fiftyt.com 2 redirects visitor.fiftyt.com	990 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	tapad.com 1 redirects pixel.tapad.com	616 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	560 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	criteo.net static.criteo.net	51 KB
2	gstatic.com fonts.gstatic.com	60 KB
2	ezoic.net g.ezoic.net	133 B
2	googleapis.com fonts.googleapis.com	2 KB
2	google.dk adservice.google.dk	2 KB
2	onetag-sys.com onetag-sys.com	1 KB
1	bannerflow.com shared.bannerflow.com	76 KB
1	adingo.jp cc.adingo.jp	44 B
1	adkernel.com dsp.adkernel.com	233 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	481 B
1	atdmt.com ad.atdmt.com	1 KB
1	playground.xyz 1 redirects ads.playground.xyz	485 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	337 B
1	quantserve.com 1 redirects pixel.quantserve.com	542 B
1	turn.com 1 redirects ad.turn.com	518 B
1	mathtag.com 1 redirects sync.mathtag.com	680 B
1	simpli.fi um.simpli.fi	609 B
1	zeotap.com mwzeom.zeotap.com	594 B
1	contextweb.com 1 redirects bh.contextweb.com	461 B
1	adgrx.com cm.adgrx.com	408 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	650 B
1	erne.co 1 redirects green.erne.co	327 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	bidr.io match.prod.bidr.io	430 B
1	id5-sync.com id5-sync.com	927 B
1	a-mo.net prebid.a-mo.net	764 B
1	advertising.com ads.adaptv.advertising.com	216 B
173	58

	Domain	Requested by
40	updowntoday.com	updowntoday.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net updowntoday.com tpc.googlesyndication.com cdn.ampproject.org
14	simage2.pubmatic.com	1 redirects image6.pubmatic.com ads.pubmatic.com
9	c.bannerflow.net	s0.2mdn.net c.bannerflow.net
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com www.googletagservices.com
7	cm.g.doubleclick.net	3 redirects 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
7	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
6	securepubads.g.doubleclick.net	updowntoday.com securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	match.adsrvr.org	4 redirects
4	ib.adnxs.com	1 redirects go.ezodn.com acdn.adnxs.com
3	x.bidswitch.net	3 redirects
3	www.google.com	1 redirects updowntoday.com
3	gum.criteo.com	1 redirects static.criteo.net
3	adservice.google.com	updowntoday.com securepubads.g.doubleclick.net
2	ads.avads.net	2 redirects
2	eb2.3lift.com	2 redirects
2	s0.2mdn.net	updowntoday.com s0.2mdn.net
2	www.googletagservices.com	securepubads.g.doubleclick.net updowntoday.com
2	sync-tm.everesttech.net	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	c1.adform.net	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	pixel.tapad.com	1 redirects image6.pubmatic.com
2	pm.w55c.net	2 redirects
2	sync.1rx.io	2 redirects
2	d5p.de17a.com	2 redirects
2	ads.pubmatic.com	go.ezodn.com ads.pubmatic.com
2	static.criteo.net	go.ezodn.com static.criteo.net
2	fonts.gstatic.com	fonts.googleapis.com
2	g.ezoic.net	updowntoday.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.dk	securepubads.g.doubleclick.net
2	onetag-sys.com	go.ezodn.com
2	mug.criteo.com	updowntoday.com
1	ade.googlesyndication.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	shared.bannerflow.com	c.bannerflow.net
1	cc.adingo.jp	782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
1	dsp.adkernel.com	782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	dclk-match.dotomi.com	782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
1	ad.atdmt.com	s0.2mdn.net
1	googleads4.g.doubleclick.net	updowntoday.com
1	rtb.gumgum.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	pixel-sync.sitescout.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	ad.turn.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	match.taboola.com	image6.pubmatic.com
1	trc.taboola.com	1 redirects
1	bh.contextweb.com	1 redirects
1	s.tribalfusion.com	image6.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	cm.adgrx.com	image6.pubmatic.com
1	sync.targeting.unrulymedia.com	1 redirects
1	green.erne.co	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	match.prod.bidr.io	image6.pubmatic.com
1	dis.criteo.com	image6.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	acdn.adnxs.com	go.ezodn.com
1	id5-sync.com	go.ezodn.com
1	g2.gumgum.com	js.gumgum.com
1	googleads.g.doubleclick.net
1	prebid.a-mo.net	go.ezodn.com
1	hbopenbid.pubmatic.com	go.ezodn.com
1	bidder.criteo.com	go.ezodn.com
1	ads.adaptv.advertising.com	go.ezodn.com
1	g.ezodn.com	ezodn.com
1	js.gumgum.com	updowntoday.com
1	ezodn.com	updowntoday.com
1	go.ezodn.com	updowntoday.com
1	www.updowntoday.com	1 redirects
173	86

This site contains links to these domains. Also see Links.

Domain
g.ezoic.net

Subject Issuer	Validity	Valid
updowntoday.com R3	`2021-02-09` - `2021-05-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.gumgum.com Amazon	`2020-11-14` - `2021-12-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-03` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.a-mo.net R3	`2021-01-11` - `2021-04-11`	3 months	crt.sh
*.google.dk GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
ezoic.net R3	`2021-01-23` - `2021-04-23`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.id5-sync.com R3	`2020-12-26` - `2021-03-26`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.semasio.net Sectigo ECC Domain Validation Secure Server CA	`2020-03-09` - `2021-03-27`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-01-29` - `2021-04-28`	3 months	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.adingo.jp DigiCert SHA2 Secure Server CA	`2020-03-26` - `2021-04-15`	a year	crt.sh
*.bannerflow.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-10` - `2022-03-13`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://updowntoday.com/
Frame ID: 02F967830CD0E70C4F7A6ED119CB55F5
Requests: 73 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: C2CA600DA116099EDEEF160C8DCE5DA7
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 5D7711FF443A7F003F276F75B9A755B4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=updowntoday.com
Frame ID: 092D071E96FD168C46255BFDEF826FA4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 963B80C3EA58D210CB92524381592663
Requests: 25 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1615098506834&us_privacy=1---
Frame ID: 5BF5E996AF8F03DBD2C7630129EADDA6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9C00FADA02D071976696D03E838D29E9
Requests: 3 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: BC10928FF44B505B022F2AB7C99C1327
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3074622870793750158
Frame ID: 7A8D871A5578E28C9A597F9BCD346EB2
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: 5DB31C30F8F07BF5B965543C0CFB7B15
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936795280274421906
Frame ID: 85AF3FC831562A1C3B16C076D8827974
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ZvJmEbOj0ZjeaKdnNqPYWbhk
Frame ID: 23CE8F11161D167CDBF12098B3A397B2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003
Frame ID: B8BB5C9937B45B9542B09B69870E8A28
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: C161CBFD082B295A8706C816545E8D31
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B5803ACBB8D1A8E2B7F3EF1F2619C77B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lki5Y6yQfUDI&pid=557219
Frame ID: 89BF809E5DA7D00C688A12ED5549F5FE
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: CC67B66FAF2B0740E3246F4595AA3AEA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kHqSR4yc1LiMTY5&gdpr=0&gdpr_consent=
Frame ID: 98DE94FC552A5A30A6E0B53BC75F010C
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: AA62C779712AFED1914AC769BF8E6435
Requests: 1 HTTP requests in this frame

Frame: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 0969B3F056385B129C175271A45D0E1A
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMzFrLTYzT5sc6cWN7eVcWFFow5aDZnsLttXvvNcFNkcwulMKMjgApNKxzIFtX4EAVh2rAcmakliYnd9gjuY_aYxgJAFHwFyqOGAXjobIZjSpPbI54PvKuOVbUyA9Smhv4WSwtGA4l5RsLzG8ivBeCpL8fYDAqK0-5l1xLY9g3ORIVhJJ3Ot2yMfPjfTBjxWXp0MT0oSZoi3SgO0xGltzKa04ZJ261IsHCOULOJLy1Zb5wcOyOPi5TrRAV1bNn5hFfdfiHwYhofiVKliY4FoOfQblUn87jvNqPPdzq_PG3fG8NU2hMOpgvHa32zP65eTIeZSZAXiH8vXbD8QZMZ3WM4IQ4Zr735gqkB2ZH23uUQCd3wMJApxpgD1PjGrK5YehYp2f_jdnvoeoDgOfWZRn_Ri2sETf0y5rQIP4he3Twz-kcJBnqqhVvhAbdVOrU6iXKHwF3YiqrnNae79Ha3tKvGZuUKsTIcb1NqBWtyc9qCMchbRql_xDgocuUTf2qAJOC_NAG_AIL3ok0v8a6b3rT2ijxvKe3hGEQx1FuryuaY_y-GmXW7VgSZp0pmPLoL7831AKBT8qH7pcKae5xUPp8crYJS36-N9rIH2MqabAWDQXt5r6AUMFtMG379baFYLPe0jQFA4epaNQvGBOgKcvUngl3pZTaLq9WR7jKvb11GsEiHmtABPLyHVzX01U-CchT1x3xvgm2SNWTVf5Dax-CUtH94GzusLlWkW1ugoYx1pFZlKHNgxErsbK2f5bNHFj6-14baljW43nPz-_aSsIA6G0gLqoiCk6oME3ElxJGOnc6yUgddxyPFUSUR1P4PXPUp3w2SxN3T1T8AnUMNZse3aveEvW13J0vzc5dtFdBQIZCQvyIsVoFim3b2u4W7otkIcevZhrO8NVdChJv_lL9BW-dlTPLcmL0iJo48goI-zqKu40LtPrx9sBVpCzLOSnIhpYNyZLyzDOLppvzim0H5NgrTOneo_7P8Fclrgc72mVjK8dqiiL5CYuFxHrtlF37xHZciVnZTSUfrKPs5o2J70NdcU8KhC74FXqsY2G2EfaUtZBmbb7c3fWkGI23NTc64vGiXAlegJs3eBI0NFwdxMeDfYMgx7AfiwndPh_LZlRaWya7&sig=Cg0ArKJSzIT1cvUvdMEbEAE&urlfix=1&adurl=&tpd=AGWhJmvBvQD95OW1m-5oJoqrvdVSzGWaOCweb2SpzI_w5IwGog
Frame ID: DD075476F97E0DE869C9792F649E269B
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 288C553F33C2F72E1CE5246C720DFD3F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A22DBD67F6A303A06598C976F14F1B90
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/8240968/1613993611088/DK_Stocks_Track4_Tools-Denmark-728x90-637495904097655833-c7a4f078-f6bd-4ffb-a5ae-c84156c94b99.html
Frame ID: 82DC9B59D48CE56D40C7DCC2B6998943
Requests: 10 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ae8ec1df-88f9-4ce2-a73b-9034d02f3b5f.svg
Frame ID: EC8891E357AB95DA869FE94B6BFD5740
Requests: 1 HTTP requests in this frame

Frame: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Frame ID: FF5FC35CB6BC544323598E8CCF51DBC1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.updowntoday.com/ HTTP 301
https://updowntoday.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

173
Requests

100 %
HTTPS

30 %
IPv6

58
Domains

86
Subdomains

54
IPs

10
Countries

1123 kB
Transfer

3270 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://g.ezoic.net/privacy/updowntoday.com
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.updowntoday.com/ HTTP 301
https://updowntoday.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fupdowntoday.com%2F&domain=updowntoday.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Eq1vgHxEUG1aVGdnMWt5Q1FXaUFPK2YyckkrT0FjSjFPVWNyZ0tKdEVlQ3ZNQXlQVm5sSHhuc3FBNFVzUFYrdkRNZjhBbmhsM1cyQXZSai9oeFgwWWxSV0hnNzk5TzBuc0E4TFFpNmp1WVhYOGs2eWxxSTJXK201SlR4dEMyTU9uZWFVWkR4dlBrUXFJNE5QNGFQcXZvZFZFZlF4NFMyVC9QcjY3bjlBTEN4bXY2NktuUlRxMWROclZXWXFnV0J3cVd3ZUlZUnh4Y0RqYjkvSVJjSmJEMHpzWlJlTTVZN05iT1pBQ0VkS1JLRUpsTEZZPXw&cppv=2

Request Chain 61

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 85

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3074622870793750158

Request Chain 87

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936795280274421906

Request Chain 88

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ZvJmEbOj0ZjeaKdnNqPYWbhk

Request Chain 89

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2286571566 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2286571566 HTTP 302
https://sync.1rx.io/usersync/tradedesk/9400d0a6-6d95-4fb4-ae38-df41363d79b3 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-fd57fb60-4f54-4893-b992-2cff0edacf13-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003

Request Chain 91

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 92

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lki5Y6yQfUDI&pid=557219

Request Chain 93

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 94

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kHqSR4yc1LiMTY5&gdpr=0&gdpr_consent=

Request Chain 95

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Itq5rfiaSCe7p8T1Megy5Q%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 98

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 99

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&addseg=29

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjJEQUI5QUQtRjg5QS00ODI3LUJCQTctQzRGNTMxRTgzMkU1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGtPq5ZxXgvtgrkxWuiflD8&google_cver=1

Request Chain 103

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8772386290146331978

Request Chain 104

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c1e76044-728e-4400-959a-508e20d6ff1d&gdpr=0&gdpr_consent=

Request Chain 105

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bd2cb31b-3cf7-4af4-9090-767825de08c9

Request Chain 106

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4750522130641813616&gdpr=0&gdpr_consent=

Request Chain 107

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GCFl2DF1l2L12xEJqsFcBifD0HWdq60-&gdpr=0&gdpr_consent=

Request Chain 109

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8083888559215874712&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 110

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH

Request Chain 111

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=7e39e1a5-3c3b-43a7-aaad-6ff9daec56d7&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 112

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YERyjgAAAFoZlyzr HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YERyjgAAAFoZlyzr&gdpr=0&gdpr_consent=&_test=YERyjgAAAFoZlyzr

Request Chain 113

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 115

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:eb00ed22-2463-4646-9976-a34416e630a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 116

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4750522130641813616

Request Chain 117

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7dd6db99-52dc-4d27-8923-0ae385b067bc

Request Chain 140

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDqBA_Nd61XBKiw0iTwIyko&google_cver=1&google_push=AQvitUI7ZCa3hL-uwho6PfRT1FcrSZ2E9iHsbO-2tWFqIP4K3sla4J78PFAG1rH_qcCFA0Eys0qcFLlDVT_wlR6jCVTkxHBU6jukCw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUI7ZCa3hL-uwho6PfRT1FcrSZ2E9iHsbO-2tWFqIP4K3sla4J78PFAG1rH_qcCFA0Eys0qcFLlDVT_wlR6jCVTkxHBU6jukCw&google_hm=7JCr4RXfSKKr1IY395PNCOs

Request Chain 142

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFATjFetkkBL9lQ096M45to&google_cver=1&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_JnovlvG6_A8Cz5jML9FIyte3o-OFtWZ31KEapohhtHq3 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_JnovlvG6_A8Cz5jML9FIyte3o-OFtWZ31KEapohhtHq3&google_gid=CAESEFATjFetkkBL9lQ096M45to HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIwMzY5ODA4MjE4NTM1MDA0NQ%3D%3D&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_JnovlvG6_A8Cz5jML9FIyte3o-OFtWZ31KEapohhtHq3

Request Chain 144

https://ads.avads.net/sync/ggl?google_gid=CAESEG5-0gevhPLECE61pOwQMO8&google_cver=1&google_push=AQvitULK-uDcCcEpHvCrlr2__YunlaDeIzzYhcs0AEe5i9PO3OTgAXquQcOqwDNCIaqAgO21jxlEH-W0ueBaYqOjmjSPB_JfWIKIUq8 HTTP 302
https://ads.avads.net/sync/ggl?google_gid=CAESEG5-0gevhPLECE61pOwQMO8&google_cver=1&google_push=AQvitULK-uDcCcEpHvCrlr2__YunlaDeIzzYhcs0AEe5i9PO3OTgAXquQcOqwDNCIaqAgO21jxlEH-W0ueBaYqOjmjSPB_JfWIKIUq8&av_tc=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YmNjZDM3YTYtMTFmZS00MjJmLTg4YzYtZmVkNjc0NDBkNjcy

173 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
updowntoday.com/
Redirect Chain

https://www.updowntoday.com/
https://updowntoday.com/

86 KB
25 KB

146ms
137ms

Document
text/html

3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 40b47f8f2a8aa15e80567ce7d818f9b3a51c99adb6ef60f61fbc475c316166fa

Request headers

:method: GET
:authority: updowntoday.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 07 Mar 2021 06:28:26 GMT
display: pub_site_sol
expires: Sat, 06 Mar 2021 06:28:26 GMT
pagespeed: off
pragma: no-cache
response: 200
server: nginx/1.16.0
set-cookie: PHPSESSID=i37r9g1esibaed7fvd67ankq45; path=/ ezoadgid_244871=-1; Path=/; Domain=updowntoday.com; Expires=Sun, 07 Mar 2021 06:58:26 UTC ezoref_244871=; Path=/; Domain=updowntoday.com; Expires=Sun, 07 Mar 2021 08:28:26 UTC ezoab_244871=mod54; Path=/; Domain=updowntoday.com; Expires=Sun, 07 Mar 2021 08:28:26 UTC active_template::244871=pub_site.1615098506; Path=/; Domain=updowntoday.com; Expires=Tue, 09 Mar 2021 06:28:26 UTC ezopvc_244871=1; Path=/; Domain=updowntoday.com; Expires=Sun, 07 Mar 2021 06:58:26 UTC ezepvv=0; Path=/; Domain=updowntoday.com; Expires=Mon, 08 Mar 2021 06:28:26 UTC lp_244871=https://updowntoday.com/; Path=/; Domain=updowntoday.com; Expires=Sun, 07 Mar 2021 08:28:26 UTC ezovid_244871=1600165624; Path=/; Domain=updowntoday.com; Expires=Sun, 07 Mar 2021 06:58:26 UTC ezovuuidtime_244871=1615098506; Path=/; Domain=updowntoday.com; Expires=Tue, 09 Mar 2021 06:28:26 UTC ezovuuid_244871=dfb08f56-a679-467b-75a5-afe5ed673475; Path=/; Domain=updowntoday.com; Expires=Sun, 07 Mar 2021 06:58:26 UTC ezCMPCCS=false; Path=/; Domain=updowntoday.com; Expires=Mon, 07 Mar 2022 06:28:26 GMT
vary: Accept-Encoding User-Agent,Accept-Encoding
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-sol: pub_site

Redirect headers

cache-control: max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html
date: Sun, 07 Mar 2021 06:28:26 GMT
display: staticcontent_sol
expires: Sat, 06 Mar 2021 06:28:26 GMT
location: https://updowntoday.com/
pagespeed: off
response: 301
server: nginx/1.16.0
vary: Accept-Encoding Origin,Accept-Encoding
x-middleton-display: staticcontent_sol
x-middleton-response: 301
x-sol: pub_site
content-length: 101

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=updowntoday.com

Requested by

Host: updowntoday.com
URL: https://updowntoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 257 KB
75 KB 49ms
34ms Script
application/javascript 2606:4700:3037::6815:59e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:59e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd91996ae2e8edb6395b041cc66625a0c1e02a322e90ff0a7c208f8b8f6d4157

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 341990
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZGvIhNEuKHqK9CnIN5htuMGYUXxP7qguMkl3DZULfpr48Q2mFIuOF9oxcQ4L0oLUZeBWhhJ7sF%2B7YcdlSONtM2x6zer%2B07jUp%2Fan4W3uoF78xQw9TojjobE%3D"}]}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 62c1c3819a5405ed-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08acf884ff000005ede3358000000001

GET
H2 200 boise.js Show response
updowntoday.com/detroitchicago/ 983 B
518 B 35ms
34ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/boise.js?gcb=192-0&cb=1
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 426

GET
H2 200 style.css
updowntoday.com/pages/desktop/ 13 KB
3 KB 72ms
72ms Stylesheet
text/css 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/pages/desktop/style.css?1615098506
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 909dde01f9dbb1039af7e3bb99e8e90a0d6e1831d1e056121b2c092b8966abe5

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
response: 200
last-modified: Sun, 07 Mar 2021 05:11:19 GMT
server: nginx/1.16.0
display: staticcontent_sol, orig_site_sol
etag: "603f7571-3480-gzip"
vary: Accept-Encoding, Origin,Accept-Encoding
content-type: text/css
x-middleton-display: staticcontent_sol, orig_site_sol
cache-control: public, max-age=2592000
x-middleton-response: 200
x-sol: orig
content-length: 2683

GET
H2 200 jquery.min.js Show response
updowntoday.com/jquery/ 85 KB
29 KB 62ms
61ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/jquery/jquery.min.js
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
response: 200
last-modified: Sat, 06 Mar 2021 06:45:21 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
etag: "5bd592c0-15283-gzip"
vary: Accept-Encoding, Origin,Accept-Encoding
content-type: application/javascript; charset=utf-8
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: public, max-age=2592000
x-middleton-response: 200

GET
H2 200 all.js Show response
updowntoday.com/jquery/ 501 B
391 B 57ms
57ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/jquery/all.js
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 33302d9da48d1fa1f5ce3548ebf2930999bc9542488997e19cb2fe9ac284273c

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
response: 200
last-modified: Sun, 07 Mar 2021 05:25:23 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
etag: "5f96ddd7-1f5-gzip"
vary: Accept-Encoding, Origin,Accept-Encoding
content-type: application/javascript; charset=utf-8
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: public, max-age=2592000
x-middleton-response: 200
content-length: 218

GET
H2 200 augusta.js Show response
updowntoday.com/detroitchicago/ 1 KB
609 B 35ms
35ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/augusta.js?cb=4
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 73659609288d7036477f63d33e6c3e8575c40a6a1c849b6153b4bd7e0baf710f

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 573

GET
H2 200 altconsent.js Show response
ezodn.com/cmp/ 396 KB
93 KB 41ms
25ms Script
application/javascript 2606:4700:3034::ac43:a5bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezodn.com/cmp/altconsent.js?v=8
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a5bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2b92530616ddbefbed0e825e094cd914f17ae899b42152f17028a0073f5eb62

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Dec 2020 23:21:46 GMT
server: cloudflare
age: 282429
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T6lPQeTh7%2BQh5k2cdII3Tj5jfmKqxMCw%2BCqNcreQJATSBuhX9stWTCzHytVY1QWse2ffdcAWjaqZTfLnb%2BIFcCMT8HBAta091JXZhdCpb4et0I%2FCSOE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 62c1c381aed64e4a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08acf8850b00004e4a4aa54000000001

GET
H2 200 ezcl.webp Show response
updowntoday.com/utilcave_com/inc/ 1 KB
690 B 41ms
39ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/utilcave_com/inc/ezcl.webp?cb=4
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
x-sol: middleton
server: nginx/1.16.0
display: staticcontent_sol
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: application/javascript
x-middleton-display: staticcontent_sol
cache-control: max-age=86400
content-length: 605

GET
H2 200 houston.js Show response
updowntoday.com/detroitchicago/ 3 KB
1 KB 36ms
34ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/houston.js?gcb=0&cb=36
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 08375cebca0d36f2fa3ec9e027a974146af7161553e4319a418d4cee6b38bed7

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1153

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 117ms
41ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: updowntoday.com
URL: https://updowntoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

f8e041458975e71884aecd7832fab1a496aff1c38af68dbe47f7e7c084a7b6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "804 / 715 of 1000 / last-modified: 1614985959"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19793
x-xss-protection: 0
expires: Sun, 07 Mar 2021 06:28:26 GMT

GET
H2 200 banger.js Show response
updowntoday.com/porpoiseant/ 50 KB
11 KB 41ms
39ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/banger.js?cb=192-0&bv=8&v=45&PageSpeed=off
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 82c8dceb6b0ac37e43dd6870591ed3a1025fe642ffc706a9a116027c600806c7

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000, public
x-robots-tag: noindex
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H2 200 memphis.js Show response
updowntoday.com/detroitchicago/ 5 KB
2 KB 36ms
35ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 1b68431bd479f66f60cca8fef9520547c0f28390680174d8b36c5591085e8393

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1514

GET
H2 200 minneapolis.js Show response
updowntoday.com/detroitchicago/ 864 B
452 B 38ms
37ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/minneapolis.js?gcb=192-0&cb=3
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 419

GET
H2 200 raleigh.js Show response
updowntoday.com/detroitchicago/ 2 KB
804 B 37ms
37ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/raleigh.js?gcb=192-0&cb=5
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: f69dfe383fe0ef66df2c8de098fda546a826801c150ec22e7e09b8020b221dae

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 771

GET
H2 200 tampa.js Show response
updowntoday.com/detroitchicago/ 773 B
440 B 35ms
34ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/tampa.js?gcb=192-0&cb=3
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: c80203c7eae413cecc09a4ed0974e31a8538060cddd5bc1f1a5bfa53db672c9e

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 407

GET
H2 200 logo.svg
updowntoday.com/images/ 5 KB
2 KB 47ms
47ms Image
image/svg+xml 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://updowntoday.com/images/logo.svg
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/pages/desktop/style.css?1615098506
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 89bf3de8570a10482ca91e099cef7e17d0d7d3c79cea977d13b48d76d77400c3

Request headers

Referer: https://updowntoday.com/pages/desktop/style.css?1615098506
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
response: 200
last-modified: Sun, 07 Mar 2021 03:11:25 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
etag: "5c224865-15d0-gzip"
vary: Accept-Encoding, Origin,Accept-Encoding
content-type: image/svg+xml
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: public, max-age=2592000
x-middleton-response: 200
content-length: 2408

GET
H2 200 services.js Show response
js.gumgum.com/ 97 KB
37 KB 241ms
166ms Script
application/javascript 143.204.209.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gumgum.com/services.js
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-27.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68197ac5c5260bd2d7bf01b44c6828edba8f9a961771de44dc3fecebd98b2cf2

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:27 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 18:13:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"98bba5d1c68ff0b8224a103f1fd2ca86"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: .J9rv0WLpPZGMPgpLV9W_U1_YQM1j6yW
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-meta-timing-allow-origin: *
x-amz-meta-access-control-allow-origin: *
content-type: application/javascript
x-amz-cf-id: WUFy_xa_Z95YeWEyGOW10SmrxN6bvAtqKp2-55F8ot0_C_rquHZcOQ==

GET
H2 200 anchorfix.js Show response
updowntoday.com/ezoic/ 879 B
453 B 38ms
34ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/ezoic/anchorfix.js?cb=192-0
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex, noindex
content-length: 383
expires: Mon, 07 Mar 2022 06:28:26 GMT

GET
H2 200 jellyfish.webp Show response
updowntoday.com/porpoiseant/ 58 KB
11 KB 85ms
84ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/jellyfish.webp?a=a&cb=192-0&shcb=34
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000
x-robots-tag: noindex
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H2 200 style.css
g.ezodn.com/cmp/ 13 KB
2 KB 20ms
11ms Stylesheet
text/css 2606:4700:3037::6815:59e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezodn.com/cmp/style.css?domainId=244871&version=0&cv=5fa624ffffff000000
Requested by: Host: ezodn.com
URL: https://ezodn.com/cmp/altconsent.js?v=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:59e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38e22a9da44d362f72a06246a2653d10f24cb3c8062ab3d63c93273cb41f212f

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Feb 2021 23:32:06 GMT
server: cloudflare
age: 423876
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4U8TrTVOm0SYYYQUOPT6uT0f4qfbv1VF2ZsHz21YVCV7ZjW9qsfgPgV1OqLK0kKPI%2B%2BOcCH3C1rDwKdI4lgn8X9A54aRLX%2FILyfqviCnr0gNk2sXZ5pE7w%3D%3D"}]}
content-type: text/css; charset=utf-8
cache-control: public, max-age=604800
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 62c1c382bb7805ed-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08acf885b0000005edd83bb000000001

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 41ms
13ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fupdowntoday.com%2F&domain=updowntoday.com&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://updowntoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://updowntoday.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1645
date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fupdowntoday.com%2F&domain=updowntoday.com&cw=1
https://mug.criteo.com/sid?cpp=Eq1vgHxEUG1aVGdnMWt5Q1FXaUFPK2YyckkrT0FjSjFPVWNyZ0tKdEVlQ3ZNQXlQVm5sSHhuc3FBNFVzUFYrdkRNZjhBbmhsM1cyQXZSai9oeFgwWWxSV0hnNzk5TzBuc0E4TFFpNmp1WVhYOGs2eWxxSTJXK201SlR4dE...

345 B
629 B

93ms
32ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Eq1vgHxEUG1aVGdnMWt5Q1FXaUFPK2YyckkrT0FjSjFPVWNyZ0tKdEVlQ3ZNQXlQVm5sSHhuc3FBNFVzUFYrdkRNZjhBbmhsM1cyQXZSai9oeFgwWWxSV0hnNzk5TzBuc0E4TFFpNmp1WVhYOGs2eWxxSTJXK201SlR4dEMyTU9uZWFVWkR4dlBrUXFJNE5QNGFQcXZvZFZFZlF4NFMyVC9QcjY3bjlBTEN4bXY2NktuUlRxMWROclZXWXFnV0J3cVd3ZUlZUnh4Y0RqYjkvSVJjSmJEMHpzWlJlTTVZN05iT1pBQ0VkS1JLRUpsTEZZPXw&cppv=2

Requested by

Host: updowntoday.com
URL: https://updowntoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

38f07c7160e5dc7c2623e4150a4b1929e9d259db9f64c8e1e5bc25e5b2dd47f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 07 Mar 2021 06:28:26 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2055
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 07 Mar 2021 06:28:26 GMT
location: https://mug.criteo.com/sid?cpp=Eq1vgHxEUG1aVGdnMWt5Q1FXaUFPK2YyckkrT0FjSjFPVWNyZ0tKdEVlQ3ZNQXlQVm5sSHhuc3FBNFVzUFYrdkRNZjhBbmhsM1cyQXZSai9oeFgwWWxSV0hnNzk5TzBuc0E4TFFpNmp1WVhYOGs2eWxxSTJXK201SlR4dEMyTU9uZWFVWkR4dlBrUXFJNE5QNGFQcXZvZFZFZlF4NFMyVC9QcjY3bjlBTEN4bXY2NktuUlRxMWROclZXWXFnV0J3cVd3ZUlZUnh4Y0RqYjkvSVJjSmJEMHpzWlJlTTVZN05iT1pBQ0VkS1JLRUpsTEZZPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://updowntoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2809
content-length: 482
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
367 B 109ms
38ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://updowntoday.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
216 B 131ms
33ms XHR
application/json 3.124.142.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=EzoicInc
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.142.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-142-110.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://updowntoday.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
145 B 122ms
40ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.27.0&cb=74516874550
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://updowntoday.com
date: Sun, 07 Mar 2021 06:28:26 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 133ms
63ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

8c2cef937c83d593f0ab8cc696a2015b06d0894547ad10445b14e17e14674c8f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 07 Mar 2021 06:28:26 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.44:80
AN-X-Request-Uuid: 931f0c6e-ca79-4aec-8a51-480f387b95f9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://updowntoday.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 103ms
37ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://updowntoday.com
date: Sun, 07 Mar 2021 05:38:07 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 c Show response
prebid.a-mo.net/a/ 773 B
764 B 320ms
126ms XHR
application/json 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 6a269449dc9a2b38af97bf0d5d04aae94d19d69e1d62f728628de3554e2678e7

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://updowntoday.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 30
content-length: 334

GET
H2 200 nmash.js
updowntoday.com/porpoiseant/ 33 KB
9 KB 40ms
40ms Other
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/nmash.js?v=8
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 311a42892bf475bb07fdef468183033b4ed1279be748f72784859988fbd023c6

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: br
last-modified: Sat, 27 Feb 2021 22:40:54 GMT
server: nginx/1.16.0
etag: "8548-5bc5913cf0980;5bcec330b402b-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex

GET
H3-Q050 200 pubads_impl_2021030401.js Show response
securepubads.g.doubleclick.net/gpt/ 283 KB
100 KB 116ms
65ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

1b6ddd3072f67cdb7e9884779bddc6779ec3fcb66496f3276dc0eab78d842cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 09:38:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101872
x-xss-protection: 0
expires: Sun, 07 Mar 2021 06:28:26 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 100ms
31ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1171
date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.dk/adsid/ 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=updowntoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 06:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 43ms
29ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=updowntoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 06:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
11 KB 366ms
366ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=816644278099550&correlator=1520462990803738&output=ldjh&impl=fif&eid=31060360&vrg=2021030401&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210307&iu_parts=1254144%2Cupdowntoday_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C234x60%7C300x250%7C336x280%7C468x60%7C728x90&prev_scp=iid1%3D56554%26t%3D134%26d%3D244871%26t1%3D134%26pvc%3D0%26ap%3D1109%26sap%3D1109%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod54%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dupdowntoday_com-box-2-56554%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10061%26asau%3D8948657208%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D140%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D79%252C189%252C154%252C67%252C48%252C122%252C81%252C20%252C71%252C164%252C175%252C31%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C608&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1615098506&dt=1615098506980&dlt=1615098506472&idt=474&frm=20&biw=1600&bih=1200&oid=3&adxs=515&adys=102&adks=2010662305&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupdowntoday.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x250&msz=250x250&ga_vid=888551642.1615098507&ga_sid=1615098507&ga_hid=306470338&ga_fc=false&fws=4&ohw=728&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

51e11a7c55044e36f2ce0f57235975cdd61ea8176e65edf0867925cc2ae784e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11000
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://updowntoday.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 80ms
13ms Other
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 466 B
336 B 454ms
453ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=816644278099550&correlator=1391282387804558&output=ldjh&impl=fif&eid=31060360&vrg=2021030401&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210307&iu_parts=1254144%2Cupdowntoday_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&prev_scp=iid1%3D69754%26t%3D134%26d%3D244871%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod54%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dupdowntoday_com-medrectangle-2-69754%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26ebss%3D10061%26asau%3D8948657208%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D100%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%252C14%252C28%252C4%252C51%252C0%252C88%252C0%252C71%252C30%252C0%252C31%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1615098506&dt=1615098506991&dlt=1615098506472&idt=474&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1106&adks=3090211009&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupdowntoday.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=888551642.1615098507&ga_sid=1615098507&ga_hid=306470338&ga_fc=false&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

21537244b96141ab4ea8c05f51cbe9a7c8d722b9044028943996246d5c6d5cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://updowntoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame C2CA 185 KB
53 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 234313
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 13:23:14 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C2CA 12 KB
5 KB 47ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 234313
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 13:23:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C2CA 87 KB
27 KB 45ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 234313
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 13:23:14 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C2CA 3 KB
1 KB 46ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 234313
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 13:23:14 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C2CA 40 KB
13 KB 47ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 234313
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 13:23:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C2CA 5 KB
784 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=da

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cc09b0d82fa5d05aef18c5468f24d943431683c73266d6a46c8f16325b23620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Mar 2021 06:20:03 GMT
server: ESF
date: Sun, 07 Mar 2021 06:28:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Mar 2021 06:28:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C2CA 5 KB
761 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cc09b0d82fa5d05aef18c5468f24d943431683c73266d6a46c8f16325b23620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Mar 2021 06:28:27 GMT
server: ESF
date: Sun, 07 Mar 2021 06:28:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Mar 2021 06:28:27 GMT

GET
DATA 200
OK truncated
/ Frame C2CA 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0d679ac84ecc9a5b589e84f21c81e8d7e49bf01d5b38ec3e6ff86c47e623e72

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame C2CA 1 KB
902 B 37ms
22ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: updowntoday.com
URL: https://updowntoday.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 16:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Mar 2022 16:19:29 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C2CA 0
0 68ms
66ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyZTZi3JEYPSwAorWgAfcqKToA-zQls9h87We-oANipW70ZQOEAEg9PnGJWDRgbmC0AegAeHchfEDyAEGqQJz6XqkXn-FPuACAKgDAcgDCqoE0gFP0KAT1BpBemDv6WmfCEBlPVGBeFEJyNWIaJzdVWGEHqWW6XKmo7dG8NVqqD7_K4-l5XiFbAIU4tg38jS1PkNXwkKVy369PZA9nyvBrMkftpVJzMZf1bvkOCpRE7jXVcTP0O-3kx0D3KcOJVc0I47ZBvH9_5UxLVFpg8Z9_2qoBJyBkY2ErDRTEjsJqIVyMzOShN1DcEIhjxPDxuGFmnq4ibMf8cQIt6iEDc3Qxf7HrDxh7987ZWCi0K133NlpqMvtFLAqhDzkr08uCYmXVm2FJOvABI2J9a-uA-AEAZIFBAgEGAGSBQQIBRgEoAY3gAfa6Ky-AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCowVXSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTE0MTQxNTQzMTcyNDg4ODmACgPICwHYEw2IFAGyFxoKGAgAEhRwdWItNjM5Njg0NDc0MjQ5NzIwOA&sigh=QJBRVfnHQlo&template_id=492&tpd=AGWhJmvNYTzJ6-Q40d3hN-Bbil_9wQzX_9fGSVlPmg75nEyk3w
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ Frame C2CA 0
0 15ms
13ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnXTivpkm26KPwaPWCdBMvcihYgGsA6HsMwByIxQ-HyI58aG0vwqbz3o0LioOuSeNEYgMz
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C2CA 2 KB
3 KB 36ms
21ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: updowntoday.com
URL: https://updowntoday.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 79530
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 07 Mar 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C2CA 295 B
748 B 34ms
20ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: updowntoday.com
URL: https://updowntoday.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 25416
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 07 Mar 2021 23:24:51 GMT

GET
H2 200 greenoaks.gif Show response
updowntoday.com/detroitchicago/ 0
127 B 33ms
33ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6IjkwMyJ9XX1d
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:27 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:27 UTC

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 41ms
22ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a73b5e53a22a20b8b935fe91df39d9cdbbd69b16b94372dc6c2a07137b3b89c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 06:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6570
x-xss-protection: 0

GET
H2 200 greenoaks.gif Show response
updowntoday.com/detroitchicago/ 0
19 B 33ms
33ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6Ijk3MyJ9XX1d
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:27 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:27 UTC

GET
H2 200 army.gif Show response
updowntoday.com/porpoiseant/ 0
19 B 34ms
34ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJhZjA2M2MyNDQwODliNTJlYzVhMDQyM2EyNThmMWY4ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMTQsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDE0LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJESyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2NTU0IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidW5pdCI6ImRpdi1ncHQtYWQtdXBkb3dudG9kYXlfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRLIiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM1NTAifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2NTU0IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidW5pdCI6ImRpdi1ncHQtYWQtdXBkb3dudG9kYXlfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRLIiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:27 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:27 UTC

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
93 B 107ms
35ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/porpoiseant/banger.js?cb=192-0&bv=8&v=45&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 07 Mar 2021 06:28:27 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
updowntoday.com/porpoiseant/ 0
19 B 34ms
33ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTAzLTA3In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiNyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:27 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:27 UTC

GET
H2 200 army.gif Show response
updowntoday.com/porpoiseant/ 0
42 B 34ms
34ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImF1Y3Rpb25fZXBvY2giOjE2MTUwOTg1MDcsImFkX3Bvc2l0aW9uIjoxMTA5LCJjb3VudHJ5X2NvZGUiOiJESyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiYmlkX2Zsb29yX2luaXRpYWwiOjE0MCwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjE0MCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6Mzk0LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:27 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:28 UTC

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 07 Mar 2021 06:28:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame C2CA 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=da

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://updowntoday.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 473800
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:51:47 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame C2CA 44 KB
44 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=da

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://updowntoday.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:34:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
age: 474840
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:34:27 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C2CA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

35ms
13ms

Image
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sun, 07 Mar 2021 06:28:27 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 5D77 12 KB
5 KB 12ms
12ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://updowntoday.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://updowntoday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 07 Mar 2021 01:19:32 GMT
expires: Mon, 07 Mar 2022 01:19:32 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18535
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame C2CA 1 KB
756 B 11ms
11ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 16:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Mar 2022 16:19:29 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C2CA 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 79530
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 07 Mar 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C2CA 295 B
320 B 9ms
9ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 25416
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 07 Mar 2021 23:24:51 GMT

GET
H3-Q050 200 QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5D77 14 KB
6 KB 37ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 126839
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5600
x-xss-protection: 0
expires: Sat, 05 Mar 2022 19:14:28 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 28ms
27ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030401&jk=816644278099550&bg=!wcKlwoHNAAWsVXnBrDsAKQB2-Dxa0MzWce1PKS_dnqqmYhdovR1EDrEr0kJm95nZ4R-Y9J_yUr9jAgAAAFlSAAAACWgBBwoAwpZ2xd4hRIvXu7Oee4j0VYY02k7EXWWGgZ6nfDr3Z6LVAaRrZeSiDhEcwBs8dFkBa5FeBuaudsJHiUbhB6qpGVxTljc3hFtzFfS_1Miv4yQ1ghrYD0dijd5LDHfvQ-yaDZ0oppoK2mUllDGQw9Gl1-CRi9Uvpl4D79IKNaoSr41K08rvNpZG2qvXmVt5od-zmduuady8tLNA4YUUlha4TejVrYnzX5vBAnfFBEoY3fhI-TJ4NFLUrF7d5RzmF9b0lkItmQH4jH85dyHjB7YDEI6gluNDPF-VVgTPShEoWPrUbF7CMYrfb9epnsr4O7VV8qHT7e2T5UmYuEP2Y1-b6SkztRjJdQoO1ON-D2IvJBlHuwxUXozbir3A1mpe2LCertfqHB4YvMlB_Hwca0u7rbmSD4p_eO6xFOOkApYxh9GkEEE6nFoPn8qglV-_WW3bfax1R2FWTP_MPYuokodYMOiDLkFPWSO62rTjenW6UeUmLphl1rvxGmY40YXesYpresDQv8FHnZNQqBSMChd9Ui_0FbNHETM9c4TfXHmrGl3CNp1vg-hVIar9EvPhSMGZUm9UW0ELVRj1rOG6QY5MzwSNCe42NCLjGfoYLfYWTXrm3bk9XntKENXKMcmOtiZ_8RWQKcJMc1ZbzcY0kRyl3nW5hIm97KGIJofqGYFIMs5JwUd3YXpCsas7Sdrn4FOaXZnza9uUEjCPYpbDUGzl1ISjVBwjR6nMEfbbSrtbJBFsCaY2OC9DbT-A3YymY4VTpwlKaCDqCn4rL2mh4jkMpyutWd8Um60p8CGyyE8Dh45AhZA1Ds-Vbbzypr0qaZR0fon8kNVzy21V5GZ3cddohViJjxeiZCs_4UKgUrSIU9EPqFJ73f2VsJTGs9M0N-q6_nwizrqnvF8hooI2_BjIK3JbBrz_vYjYb4_Cgdtn

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C2CA 42 B
94 B 28ms
28ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSpVXt_-cKdPFFYU4H0YFVYvJVDmbe82YZnvUj0HxepXVxAC1NsBckVo7p38zOCna5RG5Ji4Nbx8D0yQdbOQT6CHNGMWObnEK_j8tC43PeCarQplyjw9CvJlE1PQ&sai=AMfl-YRQxmVmaBTlM0aaL030voNj4hwonwUhMV1mBAW_7RLFhqXjU9md2gjXRUrN9R_d-mDVWrMqyiM6pXwMDCdQBQzyuuefGv_OCndCP6udNaFUVnjOqA230ClIKhfJYd4&sig=Cg0ArKJSzJsjGmhgigXfEAE&cid=CAASPeRodOwVmKdye9WIY1zPDsSpCZEdqRroq0tTCyLBGsPzwUdPgPZGHNtwz42rcmhU9gWWph4ox7nP3bFFbO4&id=ampim&o=490,102&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=129&tls=1130&g=100&h=100&tt=1130&r=v&avms=ampa&adk=2010662305

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
updowntoday.com/porpoiseant/ 0
42 B 34ms
34ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:28 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:28 UTC

GET
H2 200 army.gif Show response
updowntoday.com/porpoiseant/ 0
42 B 34ms
33ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTY1NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNzkifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:28 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:29 UTC

GET
H2 204 services Show response
g2.gumgum.com/zones/w9xc2jc5/ 0
525 B 218ms
56ms XHR
text/plain 63.33.123.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/zones/w9xc2jc5/services?dp=https%3A%2F%2Fupdowntoday.com%2F&pu=https%3A%2F%2Fupdowntoday.com%2F&ogu=%2F%2Fupdowntoday.com%2Fen%2F&rf=&r=3.81.0&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.81.0%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9830&bf=316fb8f71ee8eaf422f04de06471002f46450782&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1615098509689&to=-60&vpii=false&vph=1200&vpw=1600&uspConsent=1---
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-123-138.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://updowntoday.com
date: Sun, 07 Mar 2021 06:28:29 GMT
access-control-allow-credentials: true
server: nginx
timing-allow-origin: *
etag: "0d41d8cd98f00b204e9800998ecf8427e"
p3p: CP="This is not a P3P policy"

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 170ms
41ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:29 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 08 Mar 2021 06:28:29 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 092D 0
150 B 13ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=updowntoday.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=updowntoday.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://updowntoday.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://updowntoday.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1417
date: Sun, 07 Mar 2021 06:28:29 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 84ms
41ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:29 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 08 Mar 2021 06:28:29 GMT

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 606 B
927 B 170ms
62ms XHR
application/json 54.36.109.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.166 , France, ASN16276 (OVH, FR),

Reverse DNS

p10.id5-sync.com

Software

Resource Hash

4c20c2747553616cbc08aa2f877b3c3ce8ffe7168a81e7cc9b0794202d1cbae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://updowntoday.com
Date: Sun, 07 Mar 2021 06:28:56 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 963B 37 KB
14 KB 102ms
36ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://updowntoday.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://updowntoday.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=41111
Expires: Sun, 07 Mar 2021 17:53:41 GMT
Date: Sun, 07 Mar 2021 06:28:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5BF5 2 KB
818 B 37ms
36ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1615098506834&us_privacy=1---

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1615098506834&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://updowntoday.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://updowntoday.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9C00 52 KB
17 KB 98ms
32ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic&cb=192-0-11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://updowntoday.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIkfo_EAoYASABKAEwiuWRggY4AUABSAEQiuWRggYYAA..; uuid2=4750522130641813616
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://updowntoday.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 24 Feb 2021 05:50:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 07 Mar 2021 06:28:30 GMT
Age: 2262
X-Served-By: cache-lga21977-LGA, cache-hhn4051-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 20652
X-Timer: S1615098510.139577,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 963B 8 KB
9 KB 158ms
40ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 4f8dd1d1ec248bc933c041dcb0e7ae8e254f3e2ad9f49de259ae2cdacf913266

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:28:28 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9C00 0
744 B 82ms
82ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Mar 2021 06:28:30 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.68:80
AN-X-Request-Uuid: 27711de4-f3e0-4e0b-9c18-c5557153fdbf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.dk/adsid/ 107 B
777 B 36ms
22ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=updowntoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 06:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=updowntoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Mar 2021 06:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
21 KB 328ms
328ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=816644278099550&correlator=396796439594090&output=ldjh&impl=fif&eid=31060360&vrg=2021030401&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210307&iu_parts=1254144%2Cupdowntoday_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=3&rcs=1&prev_scp=iid1%3D69754%26t%3D134%26d%3D244871%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod54%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dupdowntoday_com-medrectangle-2-69754%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10061%26asau%3D8948657208%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D50%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%252C14%252C28%252C4%252C51%252C0%252C88%252C0%252C71%252C30%252C0%252C31%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C19%26lb%3D100%26reqt%3D1615098510286&eri=1&cookie=ID%3D623e85df0a6c690a-2213de29b4ba0008%3AT%3D1615098507%3AS%3DALNI_Maqz2-sxLhlAGns8RDRtp7wU_YsTw&bc=31&abxe=1&lmt=1615098510&dt=1615098510289&dlt=1615098506472&idt=474&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1106&adks=3090211009&ucis=3&ifi=3&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupdowntoday.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=888551642.1615098507&ga_sid=1615098507&ga_hid=306470338&ga_fc=false&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4e2fe837fac57d5caa2d862fa289ddac23bb6c2bd37fedecf79ced48cb663c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21465
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://updowntoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame BC10 43 B
326 B 96ms
31ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sun, 07 Mar 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1043
x-powered-by: ASP.NET
date: Sun, 07 Mar 2021 06:28:29 GMT
content-length: 43

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 7A8D
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3074622870793750158

42 B
769 B

125ms
32ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3074622870793750158
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=22DAB9AD-F89A-4827-BBA7-C4F531E832E5; chkChromeAb67Sec=1; DPSync3=1616284800%3A201_227_226_221; SyncRTB3=1615939200%3A63%7C1616284800%3A165_176_78_3_13_99_71_8_22_55_220_54_166_88_189_222_5_161_21_7_81_204_56%7C1615680000%3A2_15_67_223%7C1617667200%3A203%7C1616371200%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 07 Mar 2021 06:17:28 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-3074622870793750158; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:28 GMT; path=/ PugT=1615097848; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:28 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:28 GMT; path=/
X-lat: amspug018:0:357
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3074622870793750158
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1 200
OK pm&gdpr=0&gdpr_consent= Show response
match.prod.bidr.io/cookie-sync/ Frame 5DB3 43 B
430 B 197ms
49ms Document
image/gif 54.228.192.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.192.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-192-197.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Sun, 07 Mar 2021 06:28:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 85AF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936795280274421906

42 B
771 B

86ms
32ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936795280274421906
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=22DAB9AD-F89A-4827-BBA7-C4F531E832E5; chkChromeAb67Sec=1; DPSync3=1616284800%3A201_227_226_221; SyncRTB3=1615939200%3A63%7C1616284800%3A165_176_78_3_13_99_71_8_22_55_220_54_166_88_189_222_5_161_21_7_81_204_56%7C1615680000%3A2_15_67_223%7C1617667200%3A203%7C1616371200%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 07 Mar 2021 06:17:29 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6936795280274421906; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:29 GMT; path=/ PugT=1615097849; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:29 GMT; path=/
X-lat: amspug008:0:376
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Sun, 07 Mar 2021 06:28:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6936795280274421906; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6936795280274421906

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 23CE
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ZvJmEbOj0ZjeaKdnNqPYWbhk

42 B
811 B

115ms
32ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ZvJmEbOj0ZjeaKdnNqPYWbhk
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=22DAB9AD-F89A-4827-BBA7-C4F531E832E5; chkChromeAb67Sec=1; DPSync3=1616284800%3A201_227_226_221; SyncRTB3=1615939200%3A63%7C1616284800%3A165_176_78_3_13_99_71_8_22_55_220_54_166_88_189_222_5_161_21_7_81_204_56%7C1615680000%3A2_15_67_223%7C1617667200%3A203%7C1616371200%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 07 Mar 2021 06:17:28 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-ZvJmEbOj0ZjeaKdnNqPYWbhk&KRTB&23212-ZvJmEbOj0ZjeaKdnNqPYWbhk; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:28 GMT; path=/ PugT=1615097848; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:28 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:28 GMT; path=/
X-lat: amspug015:0:371
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Sun, 07 Mar 2021 06:28:30 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=ZvJmEbOj0ZjeaKdnNqPYWbhk; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ZvJmEbOj0ZjeaKdnNqPYWbhk
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame B8BB
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2286571566
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2286571566
https://sync.1rx.io/usersync/tradedesk/9400d0a6-6d95-4fb4-ae38-df41363d79b3
https://sync.targeting.unrulymedia.com/csync/RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003

42 B
849 B

32ms
32ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=22DAB9AD-F89A-4827-BBA7-C4F531E832E5; chkChromeAb67Sec=1; DPSync3=1616284800%3A201_227_226_221; SyncRTB3=1615939200%3A63%7C1616284800%3A165_176_78_3_13_99_71_8_22_55_220_54_166_88_189_222_5_161_21_7_81_204_56%7C1615680000%3A2_15_67_223%7C1617667200%3A203%7C1616371200%3A35; PUBMDCID=3; KRTBCOOKIE_1101=23040-6936795280274421906; KRTBCOOKIE_391=22924-8772386290146331978; KRTBCOOKIE_27=16735-uid:c1e76044-728e-4400-959a-508e20d6ff1d&KRTB&16736-uid:c1e76044-728e-4400-959a-508e20d6ff1d&KRTB&23019-uid:c1e76044-728e-4400-959a-508e20d6ff1d&KRTB&23114-uid:c1e76044-728e-4400-959a-508e20d6ff1d; KRTBCOOKIE_107=1471-uid:kHqSR4yc1LiMTY5; KRTBCOOKIE_409=22966-ZvJmEbOj0ZjeaKdnNqPYWbhk&KRTB&23212-ZvJmEbOj0ZjeaKdnNqPYWbhk; KRTBCOOKIE_377=6810-bd2cb31b-3cf7-4af4-9090-767825de08c9&KRTB&22918-bd2cb31b-3cf7-4af4-9090-767825de08c9&KRTB&23031-bd2cb31b-3cf7-4af4-9090-767825de08c9; KRTBCOOKIE_336=5844-3074622870793750158; KRTBCOOKIE_57=22776-4750522130641813616; KRTBCOOKIE_80=16514-CAESEGtPq5ZxXgvtgrkxWuiflD8&KRTB&22987-CAESEGtPq5ZxXgvtgrkxWuiflD8&KRTB&23025-CAESEGtPq5ZxXgvtgrkxWuiflD8; KRTBCOOKIE_153=19420-8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH&KRTB&22979-8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH; KRTBCOOKIE_22=14911-8083888559215874712; KRTBCOOKIE_1074=22956-e_7dd6db99-52dc-4d27-8923-0ae385b067bc; PugT=1615097849; KRTBCOOKIE_218=22978-YERyjgAAAFoZlyzr&KRTB&23194-YERyjgAAAFoZlyzr&KRTB&23209-YERyjgAAAFoZlyzr&KRTB&23244-YERyjgAAAFoZlyzr
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 07 Mar 2021 06:17:29 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_594=17105-RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003&KRTB&17107-RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:29 GMT; path=/ PugT=1615097849; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:29 GMT; path=/
X-lat: amspug008:0:274
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: Tengine
Date: Sun, 07 Mar 2021 06:28:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003%22%7D; path=/; expires=Mon, 07 Mar 2022 06:28:30 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fd57fb60-4f54-4893-b992-2cff0edacf13-003
ETag: RXfd57fb604f544893b9922cff0edacf13003

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame C161 43 B
408 B 96ms
30ms Document
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS: ams-delivery-4.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Sun, 07 Mar 2021 06:28:30 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame B580
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
442 B

181ms
174ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=arnoeUNZaiMyAmemDpPZbn1q3SJSPaPK3T16MYcfZco
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sun, 07 Mar 2021 06:28:30 GMT
content-type: image/gif; charset=utf-8
content-length: 43
set-cookie: __cfduid=d8ddb49001046784bc8b01b7b4e1a5f7d1615098510; expires=Tue, 06-Apr-21 06:28:30 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aLnseFpkijdDifqAaAclFFZcUY81MMmZblOLodG6AUOy0QZb5WFT6wTRUESjldr8EduOuFjAe4XkU1ZdJe4UuLRO; path=/; domain=.tribalfusion.com; expires=Sat, 05-Jun-2021 06:28:30 GMT; SameSite=None; Secure; ANON_ID_old=aLnseFpkijdDifqAaAclFFZcUY81MMmZblOLodG6AUOy0QZb5WFT6wTRUESjldr8EduOuFjAe4XkU1ZdJe4UuLRO; path=/; domain=.tribalfusion.com; expires=Sat, 05-Jun-2021 06:28:30 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 08acf894cf0000062deba54000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 62c1c39aeca7062d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sun, 07 Mar 2021 06:28:30 GMT
content-type: text/html
set-cookie: __cfduid=d8ddb49001046784bc8b01b7b4e1a5f7d1615098510; expires=Tue, 06-Apr-21 06:28:30 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=arnoeUNZaiMyAmemDpPZbn1q3SJSPaPK3T16MYcfZco; path=/; domain=.tribalfusion.com; expires=Sat, 05-Jun-2021 06:28:30 GMT; SameSite=None; Secure; ANON_ID_old=arnoeUNZaiMyAmemDpPZbn1q3SJSPaPK3T16MYcfZco; path=/; domain=.tribalfusion.com; expires=Sat, 05-Jun-2021 06:28:30 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 332
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 08acf894160000062d798be000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 62c1c399bb1c062d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 89BF
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lki5Y6yQfUDI&pid=557219

1 B
463 B

33ms
32ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lki5Y6yQfUDI&pid=557219
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=22DAB9AD-F89A-4827-BBA7-C4F531E832E5; chkChromeAb67Sec=1; DPSync3=1616284800%3A201_227_226_221; SyncRTB3=1615939200%3A63%7C1616284800%3A165_176_78_3_13_99_71_8_22_55_220_54_166_88_189_222_5_161_21_7_81_204_56%7C1615680000%3A2_15_67_223%7C1617667200%3A203%7C1616371200%3A35; PUBMDCID=3; KRTBCOOKIE_1101=23040-6936795280274421906; KRTBCOOKIE_391=22924-8772386290146331978; KRTBCOOKIE_27=16735-uid:c1e76044-728e-4400-959a-508e20d6ff1d&KRTB&16736-uid:c1e76044-728e-4400-959a-508e20d6ff1d&KRTB&23019-uid:c1e76044-728e-4400-959a-508e20d6ff1d&KRTB&23114-uid:c1e76044-728e-4400-959a-508e20d6ff1d; KRTBCOOKIE_107=1471-uid:kHqSR4yc1LiMTY5; KRTBCOOKIE_409=22966-ZvJmEbOj0ZjeaKdnNqPYWbhk&KRTB&23212-ZvJmEbOj0ZjeaKdnNqPYWbhk; KRTBCOOKIE_377=6810-bd2cb31b-3cf7-4af4-9090-767825de08c9&KRTB&22918-bd2cb31b-3cf7-4af4-9090-767825de08c9&KRTB&23031-bd2cb31b-3cf7-4af4-9090-767825de08c9; KRTBCOOKIE_336=5844-3074622870793750158; KRTBCOOKIE_57=22776-4750522130641813616; KRTBCOOKIE_80=16514-CAESEGtPq5ZxXgvtgrkxWuiflD8&KRTB&22987-CAESEGtPq5ZxXgvtgrkxWuiflD8&KRTB&23025-CAESEGtPq5ZxXgvtgrkxWuiflD8; KRTBCOOKIE_153=19420-8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH&KRTB&22979-8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH; KRTBCOOKIE_22=14911-8083888559215874712; PugT=1615097848
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 07 Mar 2021 06:17:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:29 GMT; path=/
X-lat: amspug019:0:358
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-568ff9c7d-5d796
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lki5Y6yQfUDI&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=ed56fde9c3534b2b; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame CC67
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
53 B

42ms
40ms

Document
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Sun, 07 Mar 2021 06:28:30 GMT
via: 1.1 varnish
x-served-by: cache-hhn11571-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1615098511.527281,VS0,VE8
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e;Version=1;Path=/;Domain=.taboola.com;Expires=Mon, 07-Mar-2022 06:28:30 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f642e313-16e7-4546-bd8b-f9b718abf69b-tuct73df80e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Sun, 07 Mar 2021 06:28:30 GMT
via: 1.1 varnish
x-served-by: cache-hhn11571-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1615098510.435141,VS0,VE58
x-vcl-time-ms: 58
content-length: 0

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 98DE
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kHqSR4yc1LiMTY5&gdpr=0&gdpr_consent=

42 B
769 B

34ms
32ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kHqSR4yc1LiMTY5&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10824211&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=22DAB9AD-F89A-4827-BBA7-C4F531E832E5; chkChromeAb67Sec=1; DPSync3=1616284800%3A201_227_226_221; SyncRTB3=1615939200%3A63%7C1616284800%3A165_176_78_3_13_99_71_8_22_55_220_54_166_88_189_222_5_161_21_7_81_204_56%7C1615680000%3A2_15_67_223%7C1617667200%3A203%7C1616371200%3A35; PUBMDCID=3; KRTBCOOKIE_1101=23040-6936795280274421906; PugT=1615097849
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sun, 07 Mar 2021 06:17:29 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_107=1471-uid:kHqSR4yc1LiMTY5; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:29 GMT; path=/ PugT=1615097849; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 06-Apr-2021 06:17:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 06:17:29 GMT; path=/
X-lat: amspug017:0:271
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Sun, 07 Mar 2021 06:28:30 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kHqSR4yc1LiMTY5&gdpr=0&gdpr_consent=
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma: no-cache
Server: PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-05a1c1cf6bbf9fe9a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=kHqSR4yc1LiMTY5; Domain=.w55c.net; Expires=Thu, 07-Apr-2022 06:28:30 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Tue, 06-Apr-2021 06:28:30 GMT; Path=/; SameSite=None; Secure
Content-Length: 0
Connection: keep-alive

GET
H2

200

check Show response
pixel.tapad.com/idsync/ex/receive/ Frame AA62
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

95 B
165 B

68ms
67ms

Document
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1615098510604; TapAd_DID=5585e4c2-7f0e-11eb-afe8-5a9a02d33f5c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sun, 07 Mar 2021 06:28:30 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

Redirect headers

date: Sun, 07 Mar 2021 06:28:30 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1615098510604;Expires=Thu, 06 May 2021 06:28:30 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=5585e4c2-7f0e-11eb-afe8-5a9a02d33f5c;Expires=Thu, 06 May 2021 06:28:30 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length: 0
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 963B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Itq5rfiaSCe7p8T1Megy5Q%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

33ms
33ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:28:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=45899
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Sun, 07 Mar 2021 19:13:29 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 963B 95 B
594 B 52ms
33ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 62c1c399cba34e68-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08acf8941d00004e6818369000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 963B
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

100ms
99ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:29 GMT
frontend-id: 3
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:29 GMT
frontend-id: 4
location: /pubmatic/1/info2?sType=sync&sExtCookieId=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&addseg=29

7 B
147 B

368ms
40ms

Image
text/plain

185.64.190.106
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&addseg=29
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:28:30 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Sun, 07 Mar 2021 06:28:30 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&addseg=29
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjJEQUI5QUQtRjg5QS00ODI3LUJCQTctQzRGNTMxRTgzMkU1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

128ms
32ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:28:30 GMT
X-lat: amspug007:0:371
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGtPq5ZxXgvtgrkxWuiflD8&google_cver=1

42 B
855 B

127ms
32ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGtPq5ZxXgvtgrkxWuiflD8&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:17:29 GMT
X-lat: amspug020:0:368
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGtPq5ZxXgvtgrkxWuiflD8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 963B 43 B
609 B 98ms
30ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 06 Mar 2021 06:28:30 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8772386290146331978

42 B
770 B

94ms
32ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8772386290146331978
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:17:27 GMT
X-lat: amspug013:0:497
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:30 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8772386290146331978
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c1e76044-728e-4400-959a-508e20d6ff1d&gdpr=0&gdpr_consent=

42 B
946 B

79ms
33ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c1e76044-728e-4400-959a-508e20d6ff1d&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:17:26 GMT
X-lat: amspug014:0:375
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Sun, 07 Mar 2021 06:28:28 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c1e76044-728e-4400-959a-508e20d6ff1d&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 07 Mar 2021 06:28:27 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bd2cb31b-3cf7-4af4-9090-767825de08c9

42 B
882 B

32ms
32ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bd2cb31b-3cf7-4af4-9090-767825de08c9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:17:28 GMT
X-lat: amspug012:0:372
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:30 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bd2cb31b-3cf7-4af4-9090-767825de08c9
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4750522130641813616&gdpr=0&gdpr_consent=

42 B
769 B

149ms
32ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4750522130641813616&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:17:29 GMT
X-lat: amspug011:0:364
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sun, 07 Mar 2021 06:28:30 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid: 706edcfc-1b14-4862-bb4e-e0ae64014dda
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4750522130641813616&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GCFl2DF1l2L12xEJqsFcBifD0HWdq60-&gdpr=0&gdpr_consent=

0
418 B

1146ms
32ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GCFl2DF1l2L12xEJqsFcBifD0HWdq60-&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:17:28 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 07 Mar 2021 06:28:30 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GCFl2DF1l2L12xEJqsFcBifD0HWdq60-&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 22DAB9AD-F89A-4827-BBA7-C4F531E832E5
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 963B 43 B
839 B 102ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/22DAB9AD-F89A-4827-BBA7-C4F531E832E5?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:30 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8083888559215874712&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

32ms
32ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8083888559215874712&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:17:28 GMT
X-lat: amspug012:0:281
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8083888559215874712&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 07 Mar 2021 06:28:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH

42 B
843 B

32ms
32ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:17:29 GMT
X-lat: amspug017:0:300
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8FZR6vFUXbvrXgTn91BI7_4EUr_rAla__wOqDRcH
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=7e39e1a5-3c3b-43a7-aaad-6ff9daec56d7&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

32ms
32ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:17:29 GMT
X-lat: amspug003:0:372
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a4b28fbf-409e-46da-b4c4-63fcfa9ff62e&gdpr=&gdpr_consent=&gdpr_pd=
date: Sun, 07 Mar 2021 06:28:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YERyjgAAAFoZlyzr&gdpr=0&gdpr_consent=&_test=YERyjgAAAFoZlyzr

1 B
809 B

32ms
32ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YERyjgAAAFoZlyzr&gdpr=0&gdpr_consent=&_test=YERyjgAAAFoZlyzr
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:17:29 GMT
X-lat: amspug020:0:322
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1615098511.835333,VS0,VE0
x-served-by: cache-hhn4026-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YERyjgAAAFoZlyzr&gdpr=0&gdpr_consent=&_test=YERyjgAAAFoZlyzr
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
760 B

32ms
32ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:28:31 GMT
X-lat: amspug006:0:399
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:31 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 963B 0
104 B 96ms
66ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=22DAB9AD-F89A-4827-BBA7-C4F531E832E5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:30 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:eb00ed22-2463-4646-9976-a34416e630a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

32ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:eb00ed22-2463-4646-9976-a34416e630a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:17:29 GMT
X-lat: amspug015:0:345
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:eb00ed22-2463-4646-9976-a34416e630a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sun, 07 Mar 2021 06:28:31 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4750522130641813616

42 B
505 B

32ms
32ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4750522130641813616
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:17:27 GMT
X-lat: amspug013:0:307
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sun, 07 Mar 2021 06:28:30 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.234:80
AN-X-Request-Uuid: 83d8cf95-4c11-43fc-92be-2bcba86c6bcc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4750522130641813616
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 963B
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7dd6db99-52dc-4d27-8923-0ae385b067bc

42 B
790 B

32ms
32ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7dd6db99-52dc-4d27-8923-0ae385b067bc
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:17:29 GMT
X-lat: amspug001:0:392
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7dd6db99-52dc-4d27-8923-0ae385b067bc
date: Sun, 07 Mar 2021 06:28:30 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H3-Q050 200 container.html Show response
782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0969 6 KB
3 KB 34ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://updowntoday.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://updowntoday.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 07 Mar 2021 06:28:27 GMT
expires: Mon, 07 Mar 2022 06:28:27 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js?31060360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774803212306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Sun, 07 Mar 2021 06:28:30 GMT

GET
H2 200 army.gif Show response
updowntoday.com/porpoiseant/ 0
65 B 34ms
33ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIzYmE5ODJmYzQyMzhkZDQxOTdiMWQ1MWIzNDU0NzhkYyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDUsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA1LCJiaWRfZmxvb3JfcHJldiI6MC4wMDEsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTc1NCIsImRvbWFpbl9pZCI6IjI0NDg3MSIsInVuaXQiOiJkaXYtZ3B0LWFkLXVwZG93bnRvZGF5X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJESyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwNDE2OTg4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTc1NCIsImRvbWFpbl9pZCI6IjI0NDg3MSIsInVuaXQiOiJkaXYtZ3B0LWFkLXVwZG93bnRvZGF5X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJESyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:30 UTC

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
40 B 35ms
34ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/porpoiseant/banger.js?cb=192-0&bv=8&v=45&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 07 Mar 2021 06:28:30 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
updowntoday.com/porpoiseant/ 0
19 B 34ms
33ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTAzLTA3In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiNyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:30 UTC

GET
H2 200 army.gif Show response
updowntoday.com/porpoiseant/ 0
42 B 34ms
34ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImF1Y3Rpb25fZXBvY2giOjE2MTUwOTg1MTEsImFkX3Bvc2l0aW9uIjoxMTAwLCJjb3VudHJ5X2NvZGUiOiJESyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiYmlkX2Zsb29yX2luaXRpYWwiOjEwMCwiYmlkX2Zsb29yX3ByZXYiOjEwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6NTAsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjM0NCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:31 UTC

GET
H2 200 army.gif Show response
updowntoday.com/porpoiseant/ 0
19 B 33ms
33ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjEwOTMifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2NTU0IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidW5pdCI6ImRpdi1ncHQtYWQtdXBkb3dudG9kYXlfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRLIiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI0OTAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjEwMiJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:30 UTC

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DD07 0
0 124ms
50ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMzFrLTYzT5sc6cWN7eVcWFFow5aDZnsLttXvvNcFNkcwulMKMjgApNKxzIFtX4EAVh2rAcmakliYnd9gjuY_aYxgJAFHwFyqOGAXjobIZjSpPbI54PvKuOVbUyA9Smhv4WSwtGA4l5RsLzG8ivBeCpL8fYDAqK0-5l1xLY9g3ORIVhJJ3Ot2yMfPjfTBjxWXp0MT0oSZoi3SgO0xGltzKa04ZJ261IsHCOULOJLy1Zb5wcOyOPi5TrRAV1bNn5hFfdfiHwYhofiVKliY4FoOfQblUn87jvNqPPdzq_PG3fG8NU2hMOpgvHa32zP65eTIeZSZAXiH8vXbD8QZMZ3WM4IQ4Zr735gqkB2ZH23uUQCd3wMJApxpgD1PjGrK5YehYp2f_jdnvoeoDgOfWZRn_Ri2sETf0y5rQIP4he3Twz-kcJBnqqhVvhAbdVOrU6iXKHwF3YiqrnNae79Ha3tKvGZuUKsTIcb1NqBWtyc9qCMchbRql_xDgocuUTf2qAJOC_NAG_AIL3ok0v8a6b3rT2ijxvKe3hGEQx1FuryuaY_y-GmXW7VgSZp0pmPLoL7831AKBT8qH7pcKae5xUPp8crYJS36-N9rIH2MqabAWDQXt5r6AUMFtMG379baFYLPe0jQFA4epaNQvGBOgKcvUngl3pZTaLq9WR7jKvb11GsEiHmtABPLyHVzX01U-CchT1x3xvgm2SNWTVf5Dax-CUtH94GzusLlWkW1ugoYx1pFZlKHNgxErsbK2f5bNHFj6-14baljW43nPz-_aSsIA6G0gLqoiCk6oME3ElxJGOnc6yUgddxyPFUSUR1P4PXPUp3w2SxN3T1T8AnUMNZse3aveEvW13J0vzc5dtFdBQIZCQvyIsVoFim3b2u4W7otkIcevZhrO8NVdChJv_lL9BW-dlTPLcmL0iJo48goI-zqKu40LtPrx9sBVpCzLOSnIhpYNyZLyzDOLppvzim0H5NgrTOneo_7P8Fclrgc72mVjK8dqiiL5CYuFxHrtlF37xHZciVnZTSUfrKPs5o2J70NdcU8KhC74FXqsY2G2EfaUtZBmbb7c3fWkGI23NTc64vGiXAlegJs3eBI0NFwdxMeDfYMgx7AfiwndPh_LZlRaWya7&sig=Cg0ArKJSzIT1cvUvdMEbEAE&urlfix=1&adurl=&tpd=AGWhJmvBvQD95OW1m-5oJoqrvdVSzGWaOCweb2SpzI_w5IwGog

Requested by

Host: updowntoday.com
URL: https://updowntoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 07 Mar 2021 06:28:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame DD07 111 KB
39 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: updowntoday.com
URL: https://updowntoday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 14:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57015
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Mar 2021 14:38:15 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DD07 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: updowntoday.com
URL: https://updowntoday.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 09:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249580
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 09:08:50 GMT

GET
H3-Q050 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame DD07 31 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: updowntoday.com
URL: https://updowntoday.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7c4efd1f41f3683d4845c653d5166988897616f79951568dad9323c26f2d6f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 01:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12669
x-xss-protection: 0
server: cafe
etag: 5012884434530507151
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 01:00:03 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame DD07 3 KB
2 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: updowntoday.com
URL: https://updowntoday.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 06:27:47 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD07 110 KB
34 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: updowntoday.com
URL: https://updowntoday.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Sun, 07 Mar 2021 06:28:30 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame DD07 14 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: updowntoday.com
URL: https://updowntoday.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6140
x-xss-protection: 0
server: cafe
etag: 17031075750977984330
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 06:19:29 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame DD07 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5mdmZh26RibIyumTccMuZKXn2XNf7GYZTC301czOp4KB5kn2F7lwlYU2RwSZxmlNKeJ-Q-IhH0dQ7QyDT23Kq9iIEFA
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame DD07 18 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: updowntoday.com
URL: https://updowntoday.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 06:26:37 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 288C 1 KB
858 B 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
URL: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 07 Mar 2021 03:14:09 GMT
expires: Mon, 08 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 11661
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A22D 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 05 Mar 2021 13:42:11 GMT
expires: Sat, 05 Mar 2022 13:42:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 146779
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 t.js;adv=11312204782683;ec=11312204817403;adv.a=8240968;c.a=25378858;s.a=3447485;p.a=296513903;a.a=489835819;cache=1105616665 Show response
ad.atdmt.com/i/ Frame DD07 0
1 KB 152ms
125ms Script
text/javascript 2a03:2880:f006:2:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.atdmt.com/i/t.js;adv=11312204782683;ec=11312204817403;adv.a=8240968;c.a=25378858;s.a=3447485;p.a=296513903;a.a=489835819;cache=1105616665

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:2:face:b00c:0:8c , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: M2Qy1BT98oi1AaD8U7/cR2egfrV8sgw9Gwwhl9KIDb+XhX3ex8nbaAbZ1AjYyUv3BjA3gyuJADWQwX8cdBMFLQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 07 Mar 2021 06:28:30 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/javascript;charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
x-fb-rlafr: 0
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 DK_Stocks_Track4_Tools-Denmark-728x90-637495904097655833-c7a4f078-f6bd-4ffb-a5ae-c84156c94b99.html Show response
s0.2mdn.net/8240968/1613993611088/ Frame 82DC 4 KB
2 KB 33ms
20ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8240968/1613993611088/DK_Stocks_Track4_Tools-Denmark-728x90-637495904097655833-c7a4f078-f6bd-4ffb-a5ae-c84156c94b99.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b930a131bce632e30468d53ba640c7ef7e4fe27e45b7365067bcb5fe509b58e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /8240968/1613993611088/DK_Stocks_Track4_Tools-Denmark-728x90-637495904097655833-c7a4f078-f6bd-4ffb-a5ae-c84156c94b99.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 1419
date: Sat, 06 Mar 2021 09:27:53 GMT
expires: Sun, 07 Mar 2021 09:27:53 GMT
last-modified: Mon, 22 Feb 2021 11:33:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 75637
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DD07 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec856bb58188dd2dfea5848df664d4b65f51c7a459449b294c59b367eff9b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 288C 0
103 B 16ms
12ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENdGGeah-Up9j6lHt1qHYlg&google_cver=1&google_push=AQvitUKn9TPkH6CyMecTYx8BT8GLzyVSNh4tze-W_HP23T0cEa3Ytg78s9-Ltv2kwzM27ItloXSJfC6YtDfmOLWUG_MQbFEBxQOgDg
Requested by: Host: 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
URL: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:30 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 288C
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDqBA_Nd61XBKiw0iTwIyko&google_cver=1&google_push=AQvitUI7ZCa3hL-uwho6PfRT1FcrSZ2E9iHsbO-2tWFqIP4K3sla4J78PFAG1rH_qcCFA0Eys0qcFLlDVT_...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUI7ZCa3hL-uwho6PfRT1FcrSZ2E9iHsbO-2tWFqIP4K3sla4J78PFAG1rH_qcCFA0Eys0qcFLlDVT_wlR6jCVTkxHBU6jukCw&google_hm=7JCr4RXfSKKr1IY395...

170 B
310 B

42ms
41ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUI7ZCa3hL-uwho6PfRT1FcrSZ2E9iHsbO-2tWFqIP4K3sla4J78PFAG1rH_qcCFA0Eys0qcFLlDVT_wlR6jCVTkxHBU6jukCw&google_hm=7JCr4RXfSKKr1IY395PNCOs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:30 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUI7ZCa3hL-uwho6PfRT1FcrSZ2E9iHsbO-2tWFqIP4K3sla4J78PFAG1rH_qcCFA0Eys0qcFLlDVT_wlR6jCVTkxHBU6jukCw&google_hm=7JCr4RXfSKKr1IY395PNCOs
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 288C 42 B
233 B 580ms
112ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEHITWwbC1471lPRDcVxXfmE&google_cver=1&google_push=AQvitUKO9L8LkvOwemsilPnnovsX-c0xR9mGH7WDAfeJmHB2oeUk61cGTzyFliuyNxw-20A75FuRDR787xPek0KNX8B3wWVYR5Diow
Requested by: Host: 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
URL: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Mar 2021 06:28:31 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 288C
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFATjFetkkBL9lQ096M45to&google_cver=1&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_JnovlvG6_A8Cz5jML9FIyte3o-OFtWZ31KEapohhtHq3
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_JnovlvG6_A8Cz5jML9FIyte3o-OFtWZ31KEapohhtHq3&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIwMzY5ODA4MjE4NTM1MDA0NQ%3D%3D&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_Jnov...

170 B
213 B

42ms
42ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIwMzY5ODA4MjE4NTM1MDA0NQ%3D%3D&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_JnovlvG6_A8Cz5jML9FIyte3o-OFtWZ31KEapohhtHq3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIwMzY5ODA4MjE4NTM1MDA0NQ%3D%3D&google_push=AQvitUKXAS1b3guI-YvE5OdFW7YJRi4A067MUzvPIC0TShQy-HH4J7W_JnovlvG6_A8Cz5jML9FIyte3o-OFtWZ31KEapohhtHq3
date: Sun, 07 Mar 2021 06:28:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 288C 0
44 B 1810ms
263ms Image
text/plain 18.180.1.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEJZvegQAm3rPyxeRAbmUAp0&google_cver=1&google_push=AQvitUIfYwANscoV8fWiapQgGLhBknmR1dOHETFguAjy5GKpD3ntwfdkXTlTMVlQ1yIqFLQyhave4eKwZixhcnJuvKSRVHS0CMHr
Requested by: Host: 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
URL: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.180.1.224 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:32 GMT
server: awselb/2.0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 288C
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEG5-0gevhPLECE61pOwQMO8&google_cver=1&google_push=AQvitULK-uDcCcEpHvCrlr2__YunlaDeIzzYhcs0AEe5i9PO3OTgAXquQcOqwDNCIaqAgO21jxlEH-W0ueBaYqOjmjSPB_JfWIKIUq8
https://ads.avads.net/sync/ggl?google_gid=CAESEG5-0gevhPLECE61pOwQMO8&google_cver=1&google_push=AQvitULK-uDcCcEpHvCrlr2__YunlaDeIzzYhcs0AEe5i9PO3OTgAXquQcOqwDNCIaqAgO21jxlEH-W0ueBaYqOjmjSPB_JfWIKIU...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YmNjZDM3YTYtMTFmZS00MjJmLTg4YzYtZmVkNjc0NDBkNjcy

170 B
190 B

42ms
42ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YmNjZDM3YTYtMTFmZS00MjJmLTg4YzYtZmVkNjc0NDBkNjcy

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YmNjZDM3YTYtMTFmZS00MjJmLTg4YzYtZmVkNjc0NDBkNjcy
date: Sun, 07 Mar 2021 06:28:31 GMT
x-envoy-upstream-service-time: 6
server: istio-envoy
content-length: 0

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 288C 0
223 B 94ms
53ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKvbm1inhZbxbtBH8q2Fm8kh5OMlkHdKfSYMAhqj0arDDlS95ty0OKhN8MJCdo3hY

Requested by

Host: 782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
URL: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:30 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 eu7jfLqbA_SrKotVk2KNeEjSxiQIb3iw8Llt0poV4Fw.js Show response
pagead2.googlesyndication.com/bg/ Frame A22D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eu7jfLqbA_SrKotVk2KNeEjSxiQIb3iw8Llt0poV4Fw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7aeee37cba9b03f4ab2a8b5593628d7848d2c624086f78b0f0b96dd29a15e05c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 07:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 168626
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5632
x-xss-protection: 0
expires: Sat, 05 Mar 2022 07:38:04 GMT

GET
H2 200 6033966c3751136e3b9ac7b2 Show response
c.bannerflow.net/a/ Frame 82DC 47 KB
16 KB 54ms
33ms Script
application/javascript 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/6033966c3751136e3b9ac7b2?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvRyiFdd_o9lEseeoVloODbvQGpJuk9qfa9lbWz7_P4SU6FOFRp0qfTExkPody1W7zVkBjBnc5h-QGFKZjXedd6Tzlett6sTe_lFxNlSk1GQag7LjxpV9euKvUKY4dLUhvsZrTIFUFm0-4ktCfjIDu92dQEpiIRRAafDRHmoAIGz3jSd4mf1gFImoKZPRITpaKx3ilG-Nv4P-ARxPM_US4pAKQq76Vcc1fuzPqF9WvsmmHKV2YIivotpe07qsNYX7AaA5UPpR0NzzMVw-H52p-TsJnjDwtrT-HWytJR1xBFngkooroQUCWN7nho5khK9BNFAdEmcBwnszlsw0poxUiJR2Fp7Bau52UixkAzHptbIPLgZU706iPmElHN8_mNBS3QsTomUs4zUJZAnU7FfdJZJ4AkkWUtCNQPbefCvP7EsvbnJ1E9g65XXXp7Gn5C_VEtCXYMId8X7y6W14GXaef3mvys0ZRogKOITggXag5CYi5jz_KshTgr4yAupOAu1vYV0Qmf9cKrNqG2AwuumjR-8yWX3Utx-ulzVhznsbfrlfBS3DGr5UYjjyTQg8k3R3toGFqD7MUPpKoMy6st8qg0vCOa7yd6x20vlkDkpyuF5JA4QWGHhbGyYQ-LFQ7DzBCqFLjouARmvxhzGxTyuky_FW0JP-HkJT4TIT33YTkonfuR9osn8B-CAwOvoJNJsnkAOVzOS8pQ1iL-ke1tiOXuvHgM28IxvZP8vp5vTF-oYz37oSCSSGIHHkQ2yvANtGtC9cJ8Ckyn2MDO971KyRpjspSj673gyryf5MR2ZGfxXduYhgP0Fna7V0ql61PxH4tqABHGzLnAqwj40ZRphG6fsayvhysspN5XPPtIvCGwZ6_o4ErDxozMcVzmlqIqa-KYyQ6JGBV-yxClqq-Vr9qRQZC40vh8EkSKav3Ee6qsiif00-QY9VcHy2PLi0QQSGHjIXxVP6IAg5fRJG3cmURXwd9DY86RHFCClcn8gmbRJTs_MKH9_WyXBUZMJHcb6mTVHVEG2YK7mKOC8if2V7J2YXAy2XC9MLfIH9Sz-kOKVf4VeykI2uC2UXQEIohwRUMBYg80DajgMq1L8TxQ3_EwCgiWgu9yxmRSNPmeEQ%26sig%3DCg0ArKJSzIB9BB7rYEvhEAE%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fad.atdmt.com%252Fc%252Fimg%253Badv%253D11312204782683%253Bec%253D11312204817403%253Badv.a%253D8240968%253Bc.a%253D25378858%253Bs.a%253D3447485%253Bp.a%253D296513903%253Ba.a%253D489835819%253Bcache%253D1105616665%253Bqpb%253D1%253B%253Fh%253Dhttps%253A%252F%252Fwww.home.saxo%252Fda-dk%252Fproducts%252Fstocks%253Fcmpid%253Ddisp_google_9988386936_101778303506_500179662659%2526dclid%253D%2525edclid!
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/8240968/1613993611088/DK_Stocks_Track4_Tools-Denmark-728x90-637495904097655833-c7a4f078-f6bd-4ffb-a5ae-c84156c94b99.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a87d1742fea1badee591003c1a567eedd470524918d3d4d7f9a15935c4e98f3a

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cf-ray: 62c1c39d39aa2c56-FRA
link: <https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/461389/607204/preload.jpg>; rel=preload; as=image
cf-request-id: 08acf8964400002c568324e000000001
request-context: appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/461389/607204/ Frame 82DC 701 B
1 KB 15ms
14ms Image
image/jpeg 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/461389/607204/preload.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fff143c2a39269ba1aeae88a6e416e80284a281ed1073ce60013a866dc69b50

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Mar 2021 06:28:30 GMT
cf-cache-status: HIT
age: 922644
content-length: 701
cf-request-id: 08acf8966e00002c568b2c0000000001
x-ms-lease-status: unlocked
last-modified: Mon, 22 Feb 2021 21:02:45 GMT
server: cloudflare
etag: 0x8D8D77533E75504
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: f79a86e7-301e-0056-79b6-0a1cc9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62c1c39d79e12c56-FRA
cf-bgj: h2pri

GET
H2 200 widget.7c174be0cad5cd1a656c.js Show response
c.bannerflow.net/scripts/ Frame 82DC 19 KB
6 KB 12ms
11ms Script
application/javascript 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.7c174be0cad5cd1a656c.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6033966c3751136e3b9ac7b2?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvRyiFdd_o9lEseeoVloODbvQGpJuk9qfa9lbWz7_P4SU6FOFRp0qfTExkPody1W7zVkBjBnc5h-QGFKZjXedd6Tzlett6sTe_lFxNlSk1GQag7LjxpV9euKvUKY4dLUhvsZrTIFUFm0-4ktCfjIDu92dQEpiIRRAafDRHmoAIGz3jSd4mf1gFImoKZPRITpaKx3ilG-Nv4P-ARxPM_US4pAKQq76Vcc1fuzPqF9WvsmmHKV2YIivotpe07qsNYX7AaA5UPpR0NzzMVw-H52p-TsJnjDwtrT-HWytJR1xBFngkooroQUCWN7nho5khK9BNFAdEmcBwnszlsw0poxUiJR2Fp7Bau52UixkAzHptbIPLgZU706iPmElHN8_mNBS3QsTomUs4zUJZAnU7FfdJZJ4AkkWUtCNQPbefCvP7EsvbnJ1E9g65XXXp7Gn5C_VEtCXYMId8X7y6W14GXaef3mvys0ZRogKOITggXag5CYi5jz_KshTgr4yAupOAu1vYV0Qmf9cKrNqG2AwuumjR-8yWX3Utx-ulzVhznsbfrlfBS3DGr5UYjjyTQg8k3R3toGFqD7MUPpKoMy6st8qg0vCOa7yd6x20vlkDkpyuF5JA4QWGHhbGyYQ-LFQ7DzBCqFLjouARmvxhzGxTyuky_FW0JP-HkJT4TIT33YTkonfuR9osn8B-CAwOvoJNJsnkAOVzOS8pQ1iL-ke1tiOXuvHgM28IxvZP8vp5vTF-oYz37oSCSSGIHHkQ2yvANtGtC9cJ8Ckyn2MDO971KyRpjspSj673gyryf5MR2ZGfxXduYhgP0Fna7V0ql61PxH4tqABHGzLnAqwj40ZRphG6fsayvhysspN5XPPtIvCGwZ6_o4ErDxozMcVzmlqIqa-KYyQ6JGBV-yxClqq-Vr9qRQZC40vh8EkSKav3Ee6qsiif00-QY9VcHy2PLi0QQSGHjIXxVP6IAg5fRJG3cmURXwd9DY86RHFCClcn8gmbRJTs_MKH9_WyXBUZMJHcb6mTVHVEG2YK7mKOC8if2V7J2YXAy2XC9MLfIH9Sz-kOKVf4VeykI2uC2UXQEIohwRUMBYg80DajgMq1L8TxQ3_EwCgiWgu9yxmRSNPmeEQ%26sig%3DCg0ArKJSzIB9BB7rYEvhEAE%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fad.atdmt.com%252Fc%252Fimg%253Badv%253D11312204782683%253Bec%253D11312204817403%253Badv.a%253D8240968%253Bc.a%253D25378858%253Bs.a%253D3447485%253Bp.a%253D296513903%253Ba.a%253D489835819%253Bcache%253D1105616665%253Bqpb%253D1%253B%253Fh%253Dhttps%253A%252F%252Fwww.home.saxo%252Fda-dk%252Fproducts%252Fstocks%253Fcmpid%253Ddisp_google_9988386936_101778303506_500179662659%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 421c172f4f115ba30cbb6ad5b5b706c9084b2033f6a70a72efce5a20bf0689e9

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Mar 2021 06:28:30 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: pXkbd1JIbXeaE8iX84dLIg==
age: 1635562
cf-request-id: 08acf8968000002c56c1030000000001
x-ms-lease-status: unlocked
last-modified: Thu, 11 Feb 2021 08:49:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 39e402be-601e-0074-133b-04d9d6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 62c1c39d9a012c56-FRA
cf-bgj: minify

GET
H2 200 document.d792a387ab.js Show response
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/461389/607204/ Frame 82DC 66 KB
10 KB 13ms
12ms Script
application/javascript 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/461389/607204/document.d792a387ab.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6033966c3751136e3b9ac7b2?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvRyiFdd_o9lEseeoVloODbvQGpJuk9qfa9lbWz7_P4SU6FOFRp0qfTExkPody1W7zVkBjBnc5h-QGFKZjXedd6Tzlett6sTe_lFxNlSk1GQag7LjxpV9euKvUKY4dLUhvsZrTIFUFm0-4ktCfjIDu92dQEpiIRRAafDRHmoAIGz3jSd4mf1gFImoKZPRITpaKx3ilG-Nv4P-ARxPM_US4pAKQq76Vcc1fuzPqF9WvsmmHKV2YIivotpe07qsNYX7AaA5UPpR0NzzMVw-H52p-TsJnjDwtrT-HWytJR1xBFngkooroQUCWN7nho5khK9BNFAdEmcBwnszlsw0poxUiJR2Fp7Bau52UixkAzHptbIPLgZU706iPmElHN8_mNBS3QsTomUs4zUJZAnU7FfdJZJ4AkkWUtCNQPbefCvP7EsvbnJ1E9g65XXXp7Gn5C_VEtCXYMId8X7y6W14GXaef3mvys0ZRogKOITggXag5CYi5jz_KshTgr4yAupOAu1vYV0Qmf9cKrNqG2AwuumjR-8yWX3Utx-ulzVhznsbfrlfBS3DGr5UYjjyTQg8k3R3toGFqD7MUPpKoMy6st8qg0vCOa7yd6x20vlkDkpyuF5JA4QWGHhbGyYQ-LFQ7DzBCqFLjouARmvxhzGxTyuky_FW0JP-HkJT4TIT33YTkonfuR9osn8B-CAwOvoJNJsnkAOVzOS8pQ1iL-ke1tiOXuvHgM28IxvZP8vp5vTF-oYz37oSCSSGIHHkQ2yvANtGtC9cJ8Ckyn2MDO971KyRpjspSj673gyryf5MR2ZGfxXduYhgP0Fna7V0ql61PxH4tqABHGzLnAqwj40ZRphG6fsayvhysspN5XPPtIvCGwZ6_o4ErDxozMcVzmlqIqa-KYyQ6JGBV-yxClqq-Vr9qRQZC40vh8EkSKav3Ee6qsiif00-QY9VcHy2PLi0QQSGHjIXxVP6IAg5fRJG3cmURXwd9DY86RHFCClcn8gmbRJTs_MKH9_WyXBUZMJHcb6mTVHVEG2YK7mKOC8if2V7J2YXAy2XC9MLfIH9Sz-kOKVf4VeykI2uC2UXQEIohwRUMBYg80DajgMq1L8TxQ3_EwCgiWgu9yxmRSNPmeEQ%26sig%3DCg0ArKJSzIB9BB7rYEvhEAE%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fad.atdmt.com%252Fc%252Fimg%253Badv%253D11312204782683%253Bec%253D11312204817403%253Badv.a%253D8240968%253Bc.a%253D25378858%253Bs.a%253D3447485%253Bp.a%253D296513903%253Ba.a%253D489835819%253Bcache%253D1105616665%253Bqpb%253D1%253B%253Fh%253Dhttps%253A%252F%252Fwww.home.saxo%252Fda-dk%252Fproducts%252Fstocks%253Fcmpid%253Ddisp_google_9988386936_101778303506_500179662659%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0ea8115d7b9e0a1b0a64d19f2ef526c2e13d0eff34099a38e0fb86bdd53bb69

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Mar 2021 06:28:30 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 15Kjh6tyE0T553acQhiTvw==
age: 922644
cf-polished: origSize=71878
cf-request-id: 08acf8968000002c566c04e000000001
x-ms-lease-status: unlocked
last-modified: Mon, 22 Feb 2021 21:02:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 67f5ede3-b01e-0048-7bb6-0af011000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 62c1c39d9a022c56-FRA
cf-bgj: minify

GET
H2 200 animated-creative.c5b76fb64da6d2dc7532.js Show response
c.bannerflow.net/scripts/ Frame 82DC 118 KB
36 KB 15ms
15ms Script
application/javascript 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.c5b76fb64da6d2dc7532.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6033966c3751136e3b9ac7b2?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvRyiFdd_o9lEseeoVloODbvQGpJuk9qfa9lbWz7_P4SU6FOFRp0qfTExkPody1W7zVkBjBnc5h-QGFKZjXedd6Tzlett6sTe_lFxNlSk1GQag7LjxpV9euKvUKY4dLUhvsZrTIFUFm0-4ktCfjIDu92dQEpiIRRAafDRHmoAIGz3jSd4mf1gFImoKZPRITpaKx3ilG-Nv4P-ARxPM_US4pAKQq76Vcc1fuzPqF9WvsmmHKV2YIivotpe07qsNYX7AaA5UPpR0NzzMVw-H52p-TsJnjDwtrT-HWytJR1xBFngkooroQUCWN7nho5khK9BNFAdEmcBwnszlsw0poxUiJR2Fp7Bau52UixkAzHptbIPLgZU706iPmElHN8_mNBS3QsTomUs4zUJZAnU7FfdJZJ4AkkWUtCNQPbefCvP7EsvbnJ1E9g65XXXp7Gn5C_VEtCXYMId8X7y6W14GXaef3mvys0ZRogKOITggXag5CYi5jz_KshTgr4yAupOAu1vYV0Qmf9cKrNqG2AwuumjR-8yWX3Utx-ulzVhznsbfrlfBS3DGr5UYjjyTQg8k3R3toGFqD7MUPpKoMy6st8qg0vCOa7yd6x20vlkDkpyuF5JA4QWGHhbGyYQ-LFQ7DzBCqFLjouARmvxhzGxTyuky_FW0JP-HkJT4TIT33YTkonfuR9osn8B-CAwOvoJNJsnkAOVzOS8pQ1iL-ke1tiOXuvHgM28IxvZP8vp5vTF-oYz37oSCSSGIHHkQ2yvANtGtC9cJ8Ckyn2MDO971KyRpjspSj673gyryf5MR2ZGfxXduYhgP0Fna7V0ql61PxH4tqABHGzLnAqwj40ZRphG6fsayvhysspN5XPPtIvCGwZ6_o4ErDxozMcVzmlqIqa-KYyQ6JGBV-yxClqq-Vr9qRQZC40vh8EkSKav3Ee6qsiif00-QY9VcHy2PLi0QQSGHjIXxVP6IAg5fRJG3cmURXwd9DY86RHFCClcn8gmbRJTs_MKH9_WyXBUZMJHcb6mTVHVEG2YK7mKOC8if2V7J2YXAy2XC9MLfIH9Sz-kOKVf4VeykI2uC2UXQEIohwRUMBYg80DajgMq1L8TxQ3_EwCgiWgu9yxmRSNPmeEQ%26sig%3DCg0ArKJSzIB9BB7rYEvhEAE%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fad.atdmt.com%252Fc%252Fimg%253Badv%253D11312204782683%253Bec%253D11312204817403%253Badv.a%253D8240968%253Bc.a%253D25378858%253Bs.a%253D3447485%253Bp.a%253D296513903%253Ba.a%253D489835819%253Bcache%253D1105616665%253Bqpb%253D1%253B%253Fh%253Dhttps%253A%252F%252Fwww.home.saxo%252Fda-dk%252Fproducts%252Fstocks%253Fcmpid%253Ddisp_google_9988386936_101778303506_500179662659%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50bf11088effbe4314810d8309a06a72c33e9cabaf234f50aef9052650292868

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Mar 2021 06:28:30 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 1D0DVJrg2DGWBxj6ufkdMg==
age: 1965141
cf-polished: origSize=121294
cf-request-id: 08acf8968000002c567bbb8000000001
x-ms-lease-status: unlocked
last-modified: Fri, 12 Feb 2021 12:08:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 699250a4-a01e-0036-273b-016056000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 62c1c39d9a032c56-FRA
cf-bgj: minify

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A22D 0
46 B 29ms
28ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqTDKjnJEYNftFJSIgAfHpbL4BQAAAAA4AeAEAg&bg=!39yl3J_NAAWsVXnBrDsAKQB2-Dxa1yAsxUT_syetyy7m_vvdrnMlpIg8D6A0JT3mDyjz7aocAf5QAgAAAHlSAAAADWgBB5kC9be5VRXTgnSWdnd_uNAaz0-ZIZQb9tGM_uQcbsPX7O7cilYAxy4hJaABRfyu9k2l0Oj9j858QiSk3GW_pdDm6qCUP5lOK2HTjsGjGplcG4XuMiTIr0wEXw-U7b_i0tO-FF8MlP1BQ9dprSI1VqkqQ7iJvrxb7dm5zkrs-YlSgfD9thPYcUHIS2pxyQMuVCtzQ3xm8RyiLx3BVU4CVLKd9aABz5U8xzEwylk2kVoOXjRayCYlHvb9GkSm1a5B-1pBa1_mY-Ze9sP2m5KKFQlNjENAfBHMXfGtaFy_gyb1BjDyBdHs0wy48CYCLBvroGV_7gaCud0gJDENqemZOToAOQaaURgVTv9yDvIeYV-VXIE-WKwP1G-NvoAzmz8H3kH4KnmfgCSi1xx-t3oC7fK-7bzQSEZSWptWBgGukGfiAqhHphlwZ5i8HiScgmQSnSpDFr41dJeiYtWXyVv33lssMhNhDYX9_lYRx5vwUn-LVROk4ZM5xDj2RJn0yKjIKMzfGCsMebp3Ge9frWTmqkn1pUhWd1r3DrpHU5exBU4IgMjyBJLi1RcYYKtQRBW5JLn8C2dT8jKOEugJ1wMJ9y6SMWKya3niDnt27BKCBVe5tMlG_ZbZ3JE0sHoxKr9w4ssqaPfADOyCSYDhfjHC0lA6mHOfXSO5M5lkhKVNsMQ_FA_Ei9hODQtICKAWazXU5lYR1wHhfBWqsBzp0Cz3S0k1oXVlSHPFtxVz4C2c4OImP1h2ghJa6OD1qwdGKMQ0H_rDuip-iFEtq2ucSHBKYc_MiDq9Fdq2PpF8TlVCYPV5wNg90P_V6JzElCt6yirLzehAOr65sIDxnp19nXQ75h88ZoKh46FY-GI1wh0GYqwfWk-fpoeWfVkI3oiS4bHfS-MdM72QsUkWxJLxyq-JozD1BAc87wi5dXKBQNy3qcRqUF45Y-mW700Otf6BcLfCFchhXnJw5-Phlzd11VIgYivawXlASPcuky0h3oGLzuWWGlxJvj1TKS0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 82DC 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 82DC 7 KB
7 KB 26ms
13ms Font
font/woff 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F48143311-bbb8-4b5b-aab6-8b95e2d0fe50.woff&t=%20BFHIabdefghijklmnoprstuvy%C3%A5%C3%A6%C3%B8
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/8240968/1613993611088/DK_Stocks_Track4_Tools-Denmark-728x90-637495904097655833-c7a4f078-f6bd-4ffb-a5ae-c84156c94b99.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe222c3473810d3c513a22703603cf2a641a2ff01755010fd5b78d896328d421

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:31 GMT
cf-cache-status: HIT
server: cloudflare
age: 922641
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=48143311-bbb8-4b5b-aab6-8b95e2d0fe50-subset.woff
cf-ray: 62c1c39ec8250625-FRA
cf-request-id: 08acf8973e0000062522236000000001
expires: Thu, 24 Feb 2022 14:11:10 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 82DC 18 KB
18 KB 28ms
15ms Font
font/woff 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%20%2C.HVacdefhiklmnoprstu%C3%A5%C3%A6%C3%B8
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/8240968/1613993611088/DK_Stocks_Track4_Tools-Denmark-728x90-637495904097655833-c7a4f078-f6bd-4ffb-a5ae-c84156c94b99.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75ad2a295a91a452e7e1c8f07d9c31e5abbd1995eec3a5377a8593dbb658db39

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:31 GMT
cf-cache-status: HIT
server: cloudflare
age: 922681
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray: 62c1c39ec8260625-FRA
cf-request-id: 08acf8973e000006251e986000000001
expires: Thu, 24 Feb 2022 14:10:30 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9C00 0
745 B 33ms
33ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Mar 2021 06:28:31 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.234:80
AN-X-Request-Uuid: d76f2572-c2b9-4fee-9359-8db3d743d36c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ae8ec1df-88f9-4ce2-a73b-9034d02f3b5f.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame EC88 3 KB
1 KB 12ms
12ms Image
image/svg+xml 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ae8ec1df-88f9-4ce2-a73b-9034d02f3b5f.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d63707338a0258a11cbf7600dce37035688c1f9e7b84494b75e8252c8be68bc0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Mar 2021 06:28:31 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: geO0p72xIm1+eBK8Ul7/9Q==
age: 6158
cf-request-id: 08acf8977900002c56be9a9000000001
x-ms-lease-status: unlocked
last-modified: Fri, 23 Oct 2020 12:29:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 728e9418-701e-0057-6c41-044315000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 62c1c39f2b5e2c56-FRA

GET
H2 200 lottie.min.js Show response
shared.bannerflow.com/libs/lottie/ Frame FF5F 245 KB
76 KB 131ms
32ms Script
application/javascript 108.161.188.192
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.7c174be0cad5cd1a656c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.192 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 07 Mar 2021 06:28:31 GMT
content-encoding: gzip
last-modified: Tue, 03 Dec 2019 09:22:06 GMT
server: NetDNA-cache/2.2
content-md5: 3jN+4HvsftV/jNd4P/RFbA==
etag: W/"0x8D777D243C9FCFD"
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *, *
x-ms-request-id: a7e4b218-401e-0137-1d8c-122b49000000
x-ms-version: 2014-02-14
x-ms-lease-state: available

POST
H2 200 pixel
c.bannerflow.net/tr/v2/ Frame 82DC 0
312 B 34ms
34ms Other
text/plain 2606:4700::6810:c40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6033966c3751136e3b9ac7b2?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvRyiFdd_o9lEseeoVloODbvQGpJuk9qfa9lbWz7_P4SU6FOFRp0qfTExkPody1W7zVkBjBnc5h-QGFKZjXedd6Tzlett6sTe_lFxNlSk1GQag7LjxpV9euKvUKY4dLUhvsZrTIFUFm0-4ktCfjIDu92dQEpiIRRAafDRHmoAIGz3jSd4mf1gFImoKZPRITpaKx3ilG-Nv4P-ARxPM_US4pAKQq76Vcc1fuzPqF9WvsmmHKV2YIivotpe07qsNYX7AaA5UPpR0NzzMVw-H52p-TsJnjDwtrT-HWytJR1xBFngkooroQUCWN7nho5khK9BNFAdEmcBwnszlsw0poxUiJR2Fp7Bau52UixkAzHptbIPLgZU706iPmElHN8_mNBS3QsTomUs4zUJZAnU7FfdJZJ4AkkWUtCNQPbefCvP7EsvbnJ1E9g65XXXp7Gn5C_VEtCXYMId8X7y6W14GXaef3mvys0ZRogKOITggXag5CYi5jz_KshTgr4yAupOAu1vYV0Qmf9cKrNqG2AwuumjR-8yWX3Utx-ulzVhznsbfrlfBS3DGr5UYjjyTQg8k3R3toGFqD7MUPpKoMy6st8qg0vCOa7yd6x20vlkDkpyuF5JA4QWGHhbGyYQ-LFQ7DzBCqFLjouARmvxhzGxTyuky_FW0JP-HkJT4TIT33YTkonfuR9osn8B-CAwOvoJNJsnkAOVzOS8pQ1iL-ke1tiOXuvHgM28IxvZP8vp5vTF-oYz37oSCSSGIHHkQ2yvANtGtC9cJ8Ckyn2MDO971KyRpjspSj673gyryf5MR2ZGfxXduYhgP0Fna7V0ql61PxH4tqABHGzLnAqwj40ZRphG6fsayvhysspN5XPPtIvCGwZ6_o4ErDxozMcVzmlqIqa-KYyQ6JGBV-yxClqq-Vr9qRQZC40vh8EkSKav3Ee6qsiif00-QY9VcHy2PLi0QQSGHjIXxVP6IAg5fRJG3cmURXwd9DY86RHFCClcn8gmbRJTs_MKH9_WyXBUZMJHcb6mTVHVEG2YK7mKOC8if2V7J2YXAy2XC9MLfIH9Sz-kOKVf4VeykI2uC2UXQEIohwRUMBYg80DajgMq1L8TxQ3_EwCgiWgu9yxmRSNPmeEQ%26sig%3DCg0ArKJSzIB9BB7rYEvhEAE%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fad.atdmt.com%252Fc%252Fimg%253Badv%253D11312204782683%253Bec%253D11312204817403%253Badv.a%253D8240968%253Bc.a%253D25378858%253Bs.a%253D3447485%253Bp.a%253D296513903%253Ba.a%253D489835819%253Bcache%253D1105616665%253Bqpb%253D1%253B%253Fh%253Dhttps%253A%252F%252Fwww.home.saxo%252Fda-dk%252Fproducts%252Fstocks%253Fcmpid%253Ddisp_google_9988386936_101778303506_500179662659%2526dclid%253D%2525edclid!
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 07 Mar 2021 06:28:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
cf-ray: 62c1c3a0bca52c56-FRA
content-length: 0
cf-request-id: 08acf8987300002c56c8b63000000001
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DD07 42 B
479 B 57ms
44ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWJAJwLyDX2nAIcd14y0Q6c1MaRrIObiyMaSojsj_LnHCV51SqiTKg-wzLpKMZIy-lfIpXEUgtLPkPD0EMHGB8G69MnVHDDpAx8Yx8AUj3JG3nqbcKFFpcrkfZj3jjBxlfwcbawcV6aJBkMCJXCdYv6Fl-R-Zmj3ePH9-Uxaey_6rXyn5D0bzcrw1XD5t3RA&sai=AMfl-YQp_W9c5zhhmf5w2Qw8zBKZAnfJB8Q85Jqv51HD_Ki0jns5qz_w5tbExw7x63sn6j7_QI2N-5F9HncN4AsnU-1gKLqeaWTLqM0gupFca_YGzVyjDxdbu7YKSxk&sig=Cg0ArKJSzNDgZ1oIumR-EAE&cid=CAASF-Rowxuc9prbfaDoJNO5skeEs17CBnID&id=osdim&mcvt=1002&p=1101,436,1191,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3090211009&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1615098510635&dlt=40&rpt=188&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
updowntoday.com/porpoiseant/ 0
42 B 34ms
34ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:31 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:31 UTC

GET
H2 200 rochester.js Show response
updowntoday.com/detroitchicago/ 2 KB
831 B 37ms
37ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/rochester.js?gcb=192-0&cb=3
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 90942d87197e5381d7af4f6671567ac8250d322999792aab578073016b5ad0e5

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:32 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 798

GET
H2 200 edmonton.webp Show response
updowntoday.com/detroitchicago/ 14 KB
4 KB 38ms
37ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/edmonton.webp?a=a&cb=192-0&shcb=34
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:32 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000
x-robots-tag: noindex
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H2 200 vitals.js Show response
updowntoday.com/tardisrocinante/ 5 KB
2 KB 36ms
35ms Script
application/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/tardisrocinante/vitals.js?gcb=0&cb=3
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 26b4485584314aa0850427462143a6a28b66c982db28deb42766214fad7744c7

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:32 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1701

GET
H2 200 army.gif Show response
updowntoday.com/porpoiseant/ 0
19 B 45ms
44ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyMTgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU2NTU0IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidW5pdCI6ImRpdi1ncHQtYWQtdXBkb3dudG9kYXlfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRLIiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTA1In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:32 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:31 UTC

GET
H2 200 army.gif Show response
updowntoday.com/porpoiseant/ 0
42 B 33ms
33ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjk3NTQiLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ1bml0IjoiZGl2LWdwdC1hZC11cGRvd250b2RheV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTUwOTg1MDYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREsiLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils5NzAsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTc1NCIsImRvbWFpbl9pZCI6IjI0NDg3MSIsInVuaXQiOiJkaXYtZ3B0LWFkLXVwZG93bnRvZGF5X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJESyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2OTc1NCIsImRvbWFpbl9pZCI6IjI0NDg3MSIsInVuaXQiOiJkaXYtZ3B0LWFkLXVwZG93bnRvZGF5X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJESyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:32 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:32 UTC

GET
H2 200 imp.gif Show response
updowntoday.com/detroitchicago/ 43 B
128 B 35ms
34ms XHR
image/gif 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A5%2C%22ad_location_ids%22%3A%226%2C5%2C1%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A2%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A1%2C%22city%22%3A%22Copenhagen%22%2C%22country%22%3A%22DK%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A244871%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A2%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1109%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22a7eff552-bc28-49d3-4554-dbc60a0a86d7%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%222750%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A8857%2C%22response_time_orig%22%3A11%2C%22serverid%22%3A%2218.157.168.151%3A17739%22%2C%22state%22%3A%2284%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1109%22%2C%22t_epoch%22%3A1615098506%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fupdowntoday.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A122%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:32 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 47

GET
H2 200 greenoaks.gif Show response
updowntoday.com/detroitchicago/ 0
19 B 34ms
33ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDMtMDcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI3In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjAifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTYwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiZGF0YSI6W3sibmFtZSI6Imxhbmd1YWdlX3RhZyIsInZhbCI6ImVuLVVTIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiZGF0YSI6W3sibmFtZSI6Imxhbmd1YWdlX3ByaW1hcnlfc3VidGFnIiwidmFsIjoiZW4ifV19XQ==
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:32 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:32 UTC

GET
H2 200 greenoaks.gif Show response
updowntoday.com/detroitchicago/ 0
42 B 39ms
39ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImE3ZWZmNTUyLWJjMjgtNDlkMy00NTU0LWRiYzYwYTBhODZkNyIsImRvbWFpbl9pZCI6IjI0NDg3MSIsInRfZXBvY2giOjE2MTUwOTg1MDYsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjEzMSJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMjc3In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIxOSJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIxNzQifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIxNzUifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiNjIzIn1dfV0=
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:32 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:33 UTC

GET
H2 200 greenoaks.gif Show response
updowntoday.com/detroitchicago/ 0
19 B 32ms
32ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiI0MzgifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjQzOCJ9XX1d
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:32 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:31 UTC

GET
H2 200 greenoaks.gif Show response
updowntoday.com/detroitchicago/ 0
19 B 33ms
33ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTdlZmY1NTItYmMyOC00OWQzLTQ1NTQtZGJjNjBhMGE4NmQ3IiwiZG9tYWluX2lkIjoiMjQ0ODcxIiwidF9lcG9jaCI6MTYxNTA5ODUwNiwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiI5LjYifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfV0=
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:32 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:32 UTC

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 963B 0
418 B 129ms
32ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156983&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 06:23:06 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 greenoaks.gif Show response
updowntoday.com/detroitchicago/ 0
42 B 34ms
34ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://updowntoday.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhN2VmZjU1Mi1iYzI4LTQ5ZDMtNDU1NC1kYmM2MGEwYTg2ZDciLCJkb21haW5faWQiOiIyNDQ4NzEiLCJ0X2Vwb2NoIjoxNjE1MDk4NTA2LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6Ijc1MDAwIn0seyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjIifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX3B4IiwidmFsIjoiMTYyMzAwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfY291bnQiLCJ2YWwiOiIyIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6InZpZXdwb3J0X3NpemUiLCJ2YWwiOiIxNjAweDEyMDAifSx7Im5hbWUiOiJ2aWV3cG9ydF9weCIsInZhbCI6IjE5MjAwMDAifSx7Im5hbWUiOiJkb2NfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX2hlaWdodCIsInZhbCI6IjEyMDAifV19XQ==
Requested by: Host: updowntoday.com
URL: https://updowntoday.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://updowntoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 06:28:34 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Sat, 06 Mar 2021 06:28:33 UTC

GET
H2 200 dc_oe=ChMI1-zx58ad7wIVFATgCh3HkgxfEAEYACCmxu1F;met=1;&timestamp=1615098520906;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame DD07 42 B
498 B 124ms
42ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1-zx58ad7wIVFATgCh3HkgxfEAEYACCmxu1F;met=1;&timestamp=1615098520906;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 06:28:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
updowntoday.com/	1970-01-19 17:21:30	Name: _pbjs_userid_consent_data Value: 3524755945110770
updowntoday.com/	1970-01-20 02:00:01	Name: cto_bidid Value: 1m7kbF9ha0R2R1dYNnkyN05SVVJmTGxTMHV1SnRMZyUyRkVRSXBrb1BObE03Y0dlcnFhYjZ1dU5Kcm1KbHolMkZZcHVibjkwcGtTRWJJb1ZqTFQ0WEJWUzJFTzlqQ3clM0QlM0Q
updowntoday.com/	1970-01-22 05:57:30	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
updowntoday.com/	1970-01-20 02:00:01	Name: cto_bundle Value: YwvbZV9oYWY5NEMzNDMlMkJ6Y3RiMVhueFE5eUo4V0lZQnM0UXRraU1oRkphWUxJYmlwc2UwRGMwYkYlMkJkbE1KdnNOSzlrTnRINGxDS2h4VXFoUWk3JTJGdjA0VUJJNEI4NWNqb3RwMWpQc1ZSQkhIWVNjdFRDaWM1N2ttQ0FnSlVCdTJWaFZFUg
.updowntoday.com/	1970-01-20 01:23:54	Name: ezCMPCCS Value: false
.updowntoday.com/	1970-01-19 16:41:11	Name: active_template::244871 Value: pub_site.1615098506
.updowntoday.com/	1970-01-19 16:41:11	Name: ezovuuidtime_244871 Value: 1615098506
updowntoday.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
.updowntoday.com/	1970-01-19 16:38:20	Name: ezovid_244871 Value: 1600165624
updowntoday.com/	1970-01-22 05:57:30	Name: ezohw Value: w%3D1600%2Ch%3D1200
.updowntoday.com/	1970-01-19 16:38:25	Name: lp_244871 Value: https://updowntoday.com/
.updowntoday.com/	1970-01-19 16:39:44	Name: ezepvv Value: 0
updowntoday.com/	1969-12-31 23:59:59	Name: ezouspva Value: 0
.updowntoday.com/	1970-01-19 16:38:20	Name: ezopvc_244871 Value: 1
updowntoday.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: i37r9g1esibaed7fvd67ankq45
.updowntoday.com/	1970-01-19 16:38:25	Name: ezoab_244871 Value: mod54
.updowntoday.com/	1970-01-19 16:38:25	Name: ezoref_244871 Value:
.updowntoday.com/	1970-01-19 16:38:20	Name: ezoadgid_244871 Value: -1
.updowntoday.com/	1970-01-19 16:38:20	Name: ezovuuid_244871 Value: dfb08f56-a679-467b-75a5-afe5ed673475

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://updowntoday.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

782ea1d2eea45b25c65f5ee865bd8674.safeframe.googlesyndication.com
a.tribalfusion.com
acdn.adnxs.com
ad.atdmt.com
ad.turn.com
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.avads.net
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.dk
aud.pubmatic.com
bh.contextweb.com
bidder.criteo.com
c.bannerflow.net
c1.adform.net
cc.adingo.jp
cdn.ampproject.org
cm.adgrx.com
cm.g.doubleclick.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.adkernel.com
eb2.3lift.com
ezodn.com
fonts.googleapis.com
fonts.gstatic.com
g.ezodn.com
g.ezoic.net
g2.gumgum.com
gcm.ctnsnet.com
go.ezodn.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js.gumgum.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
shared.bannerflow.com
simage2.pubmatic.com
simage4.pubmatic.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
updowntoday.com
ups.analytics.yahoo.com
visitor.fiftyt.com
www.google.com
www.googletagservices.com
www.updowntoday.com
x.bidswitch.net
108.161.188.192
136.144.59.88
142.250.185.98
142.250.186.34
142.250.186.66
142.250.186.98
143.204.209.27
151.101.113.108
151.101.114.49
159.253.128.183
159.65.197.210
173.231.180.197
174.137.133.49
178.250.0.165
178.250.2.146
178.250.2.151
18.156.0.31
18.156.95.187
18.180.1.224
18.195.54.133
185.29.133.52
185.33.221.90
185.64.189.110
185.64.189.112
185.64.189.114
185.64.190.106
185.64.190.78
188.165.137.78
198.148.27.139
199.232.137.44
2.18.233.180
2001:678:cb4:bbbb::11
213.155.156.168
213.19.147.150
213.19.147.151
2606:4700:10::ac43:db6
2606:4700:3034::ac43:a5bb
2606:4700:3037::6815:59e2
2606:4700::6810:c40
2606:4700::6812:c05
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:12::1370
2a03:2880:f006:2:face:b00c:0:8c
3.124.142.110
3.125.253.138
3.126.196.163
3.127.92.82
34.98.107.212
35.186.193.173
35.201.96.126
35.205.207.25
35.227.248.159
37.157.6.251
51.89.9.251
52.16.108.17
52.57.49.235
54.228.192.197
54.36.109.166
63.33.123.138
66.155.71.25
77.243.60.138
85.114.159.93
0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
08375cebca0d36f2fa3ec9e027a974146af7161553e4319a418d4cee6b38bed7
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1b68431bd479f66f60cca8fef9520547c0f28390680174d8b36c5591085e8393
1b6ddd3072f67cdb7e9884779bddc6779ec3fcb66496f3276dc0eab78d842cce
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319
21537244b96141ab4ea8c05f51cbe9a7c8d722b9044028943996246d5c6d5cf6
26b4485584314aa0850427462143a6a28b66c982db28deb42766214fad7744c7
2cc09b0d82fa5d05aef18c5468f24d943431683c73266d6a46c8f16325b23620
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
311a42892bf475bb07fdef468183033b4ed1279be748f72784859988fbd023c6
33302d9da48d1fa1f5ce3548ebf2930999bc9542488997e19cb2fe9ac284273c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38e22a9da44d362f72a06246a2653d10f24cb3c8062ab3d63c93273cb41f212f
38f07c7160e5dc7c2623e4150a4b1929e9d259db9f64c8e1e5bc25e5b2dd47f3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40b47f8f2a8aa15e80567ce7d818f9b3a51c99adb6ef60f61fbc475c316166fa
4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538
421c172f4f115ba30cbb6ad5b5b706c9084b2033f6a70a72efce5a20bf0689e9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4c20c2747553616cbc08aa2f877b3c3ce8ffe7168a81e7cc9b0794202d1cbae8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2fe837fac57d5caa2d862fa289ddac23bb6c2bd37fedecf79ced48cb663c34
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f8dd1d1ec248bc933c041dcb0e7ae8e254f3e2ad9f49de259ae2cdacf913266
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50bf11088effbe4314810d8309a06a72c33e9cabaf234f50aef9052650292868
51e11a7c55044e36f2ce0f57235975cdd61ea8176e65edf0867925cc2ae784e1
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad
68197ac5c5260bd2d7bf01b44c6828edba8f9a961771de44dc3fecebd98b2cf2
6a269449dc9a2b38af97bf0d5d04aae94d19d69e1d62f728628de3554e2678e7
73659609288d7036477f63d33e6c3e8575c40a6a1c849b6153b4bd7e0baf710f
75ad2a295a91a452e7e1c8f07d9c31e5abbd1995eec3a5377a8593dbb658db39
7aeee37cba9b03f4ab2a8b5593628d7848d2c624086f78b0f0b96dd29a15e05c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fff143c2a39269ba1aeae88a6e416e80284a281ed1073ce60013a866dc69b50
82c8dceb6b0ac37e43dd6870591ed3a1025fe642ffc706a9a116027c600806c7
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
89bf3de8570a10482ca91e099cef7e17d0d7d3c79cea977d13b48d76d77400c3
8c2cef937c83d593f0ab8cc696a2015b06d0894547ad10445b14e17e14674c8f
90942d87197e5381d7af4f6671567ac8250d322999792aab578073016b5ad0e5
909dde01f9dbb1039af7e3bb99e8e90a0d6e1831d1e056121b2c092b8966abe5
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73b5e53a22a20b8b935fe91df39d9cdbbd69b16b94372dc6c2a07137b3b89c0
a7c4efd1f41f3683d4845c653d5166988897616f79951568dad9323c26f2d6f3
a87d1742fea1badee591003c1a567eedd470524918d3d4d7f9a15935c4e98f3a
b0ea8115d7b9e0a1b0a64d19f2ef526c2e13d0eff34099a38e0fb86bdd53bb69
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b930a131bce632e30468d53ba640c7ef7e4fe27e45b7365067bcb5fe509b58e7
bd91996ae2e8edb6395b041cc66625a0c1e02a322e90ff0a7c208f8b8f6d4157
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c80203c7eae413cecc09a4ed0974e31a8538060cddd5bc1f1a5bfa53db672c9e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d679ac84ecc9a5b589e84f21c81e8d7e49bf01d5b38ec3e6ff86c47e623e72
d2ec856bb58188dd2dfea5848df664d4b65f51c7a459449b294c59b367eff9b2
d63707338a0258a11cbf7600dce37035688c1f9e7b84494b75e8252c8be68bc0
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b92530616ddbefbed0e825e094cd914f17ae899b42152f17028a0073f5eb62
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f69dfe383fe0ef66df2c8de098fda546a826801c150ec22e7e09b8020b221dae
f8e041458975e71884aecd7832fab1a496aff1c38af68dbe47f7e7c084a7b6f7
fe222c3473810d3c513a22703603cf2a641a2ff01755010fd5b78d896328d421

updowntoday.com Open in urlscan Pro 3.126.196.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

173 Requests

100 %HTTPS

30 %IPv6

58 Domains

86 Subdomains

54 IPs

10 Countries

1123 kBTransfer

3270 kBSize

19 Cookies

1 Outgoing links

Page URL History

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

updowntoday.com Open in urlscan Pro
3.126.196.163 Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

100 %
HTTPS

30 %
IPv6

58
Domains

86
Subdomains

54
IPs

10
Countries

1123 kB
Transfer

3270 kB
Size

19
Cookies

173 HTTP transactions
3 data transactions