urlscan.io logo urlscan.io
SecurityTrails logo

iobit-malware-fighter.softonic.cn Open in urlscan Pro
35.227.233.104  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://iobit-malware-fighter.softonic.cn/
Effective URL: https://iobit-malware-fighter.softonic.cn/
Submission: On June 08 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 59 IPs in 6 countries across 61 domains to perform 212 HTTP transactions. The main IP is 35.227.233.104, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is iobit-malware-fighter.softonic.cn.
TLS certificate: Issued by Don Dominio / MrDomain RSA DV CA on December 23rd 2022. Valid for: a year.
This is the only time iobit-malware-fighter.softonic.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 35.227.233.104 15169 (GOOGLE)
2 2600:9000:251... 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
13 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2620:100:a001::4 19750 (AS-CRITEO)
15 151.101.193.91 54113 (FASTLY)
24 2600:1400:d:5... 20940 (AKAMAI-ASN1)
1 13.225.224.171 16509 (AMAZON-02)
3 108.138.107.138 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 108.138.106.124 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
3 162.19.138.117 16276 (OVH)
2 2600:9000:251... 16509 (AMAZON-02)
1 18.164.96.77 16509 (AMAZON-02)
1 18.164.98.157 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.251.40.166 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 108.139.38.124 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 34.231.15.60 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 162.19.138.116 16276 (OVH)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 14 52.46.130.91 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
4 4 199.127.204.147 26120 (RHYTHMONE)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
1 34.196.5.17 14618 (AMAZON-AES)
2 10 192.40.39.223 27381 (CASALE-MEDIA)
2 184.50.204.192 16625 (AKAMAI-AS)
4 23.73.244.44 16625 (AKAMAI-AS)
2 5 35.244.159.8 15169 (GOOGLE)
1 1 199.187.193.182 47043 (SMARTADSE...)
2 2 35.71.139.29 16509 (AMAZON-02)
2 2 68.67.160.186 29990 (ASN-APPNEX)
1 20 35.172.99.217 14618 (AMAZON-AES)
3 3 35.211.178.172 19527 (GOOGLE-2)
1 1 35.211.118.13 15169 (GOOGLE)
3 3 34.111.113.62 396982 (GOOGLE-CL...)
8 8 35.71.131.137 16509 (AMAZON-02)
1 1 3.81.178.203 14618 (AMAZON-AES)
2 2 64.74.236.31 22075 (AS-OUTBRAIN)
1 1 184.50.205.247 16625 (AKAMAI-AS)
1 1 198.148.27.139 19189 (PULSEPOINT)
3 4 70.42.32.255 13789 (INTERNAP-...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 3 2600:1f18:4e9... 14618 (AMAZON-AES)
1 1 52.2.125.106 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 2 169.197.150.8 398989 (DEEPINTENT)
2 2 34.199.137.96 14618 (AMAZON-AES)
1 1 23.105.12.171 30633 (LEASEWEB-...)
5 9 142.251.32.98 15169 (GOOGLE)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 141.226.224.48 200478 (TABOOLA-AS)
1 174.137.133.32 27257 (WEBAIR-IN...)
1 8.2.111.13 46636 (NATCOWEB)
1 1 74.121.140.211 30419 (MEDIAMATH...)
2 2 151.101.66.49 54113 (FASTLY)
1 1 202.241.208.54 4694 (IDCF IDC ...)
1 1 80.77.87.162 ()
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 104.127.84.215 16625 (AKAMAI-AS)
7 11 69.173.151.100 26667 (RUBICONPR...)
9 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 1 8.43.72.98 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.95.122.74 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
1 139.45.240.92 ()
1 2606:4700::68... ()
1 2 2620:100:a001::c ()
1 74.119.119.150 ()
1 74.119.119.139 ()
212 59
6    35.227.233.104 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 104.233.227.35.bc.googleusercontent.com
iobit-malware-fighter.softonic.cn
softonic.cn
2    2600:9000:2510:6600:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
4    2607:f8b0:4006:817::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2607:f8b0:4006:820::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
partner.googleadservices.com
7    2607:f8b0:4006:824::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
15    151.101.193.91 (United States)

ASN54113 (FASTLY, US)
sc.sftcdn.net
24    2600:1400:d:5a0::29cc (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
images.sftcdn.net
1    13.225.224.171 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-224-171.jfk51.r.cloudfront.net
www.datadoghq-browser-agent.com
3    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net
static.hotjar.com
2    2607:f8b0:4006:820::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2606:4700::6812:cedb (United States)

ASN13335 (CLOUDFLARENET, US)
js.srvtrck.com
search.srvtrck.com
hades.srvtrck.com
i.srvtrck.com
3    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
2    2600:9000:2512:6c00:d:2044:5c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
api.privacy-center.org
1    18.164.96.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-77.jfk50.r.cloudfront.net
script.hotjar.com
1    18.164.98.157 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-98-157.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.251.40.166 (East White Plains, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f6.1e100.net
ad.doubleclick.net
1    2607:f8b0:4006:821::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:80f::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    108.139.38.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-38-124.jfk50.r.cloudfront.net
dnlgm0m0r44nl.cloudfront.net
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    34.231.15.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-15-60.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
1    2607:f8b0:4006:823::2010 (Flushing, United States)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    2607:f8b0:4006:809::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2607:f8b0:4006:817::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
14    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    2607:f8b0:4006:809::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
afs.googleusercontent.com
4    199.127.204.147 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    34.196.5.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-5-17.compute-1.amazonaws.com
rtb.gumgum.com
10    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    184.50.204.192 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-204-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    23.73.244.44 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-244-44.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    68.67.160.186 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
20    35.172.99.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-99-217.compute-1.amazonaws.com
usersync.gumgum.com
3    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    35.211.118.13 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
8    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    3.81.178.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-81-178-203.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    64.74.236.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    184.50.205.247 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-247.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    2606:4700:3037::6815:444a (United States)

ASN13335 (CLOUDFLARENET, US)
cm.rtbsystem.com
3    2600:1f18:4e9:5a02:71d0:2e3a:4d87:7371 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    52.2.125.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-125-106.compute-1.amazonaws.com
sync.ipredictive.com
1    2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    34.199.137.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-137-96.compute-1.amazonaws.com
ad.360yield.com
1    23.105.12.171 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
9    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
cm.g.doubleclick.net
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
1    8.2.111.13 (United States)

ASN46636 (NATCOWEB, US)
cs.iqzone.com
1    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    202.241.208.54 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    80.77.87.162 (None, )

ASN- ()
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    104.127.84.215 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-84-215.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
11    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
9    2607:f8b0:4006:81f::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2607:f8b0:4006:821::200a (Flushing, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4006:80e::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    2607:f8b0:4006:820::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2607:f8b0:4006:81e::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    139.45.240.92 (None, )

ASN- ()
notix.io
1    2606:4700::6812:cddb (None, )

ASN- ()
hades.srvtrck.com
2    2620:100:a001::c (None, )

ASN- ()
gum.criteo.com
1    74.119.119.150 (None, )

ASN- ()
sslwidget.criteo.com
1    74.119.119.139 (None, )

ASN- ()
mug.criteo.com
Apex Domain
Subdomains		 Transfer
39 sftcdn.net
sc.sftcdn.net — Cisco Umbrella Rank: 105752
images.sftcdn.net — Cisco Umbrella Rank: 97653
219 KB
25 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
ad.doubleclick.net — Cisco Umbrella Rank: 182
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 121
cm.g.doubleclick.net — Cisco Umbrella Rank: 248
173 KB
21 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1585
usersync.gumgum.com — Cisco Umbrella Rank: 1913
7 KB
20 googlesyndication.com
daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 154
pagead2.googlesyndication.com — Cisco Umbrella Rank: 127
160 KB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 353
aax.amazon-adsystem.com — Cisco Umbrella Rank: 443
s.amazon-adsystem.com — Cisco Umbrella Rank: 335
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1023
72 KB
17 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 627
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1112
token.rubiconproject.com — Cisco Umbrella Rank: 636
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1154
pixel.rubiconproject.com — Cisco Umbrella Rank: 375
29 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 3
ampcid.google.com — Cisco Umbrella Rank: 2285
analytics.google.com — Cisco Umbrella Rank: 272
adservice.google.com — Cisco Umbrella Rank: 106
107 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 490
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 612
8 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 385
4 KB
7 srvtrck.com
js.srvtrck.com — Cisco Umbrella Rank: 363917
search.srvtrck.com
hades.srvtrck.com
i.srvtrck.com
24 KB
6 softonic.cn
iobit-malware-fighter.softonic.cn
softonic.cn — Cisco Umbrella Rank: 731193
214 KB
5 gstatic.com
fonts.gstatic.com
78 KB
5 openx.net
u.openx.net — Cisco Umbrella Rank: 723
us-u.openx.net — Cisco Umbrella Rank: 491
1 KB
5 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 427
cdn.id5-sync.com — Cisco Umbrella Rank: 785
36 KB
4 criteo.com
gum.criteo.com
sslwidget.criteo.com
mug.criteo.com
8 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 734
1 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 356
r.bidswitch.net — Cisco Umbrella Rank: 7756
2 KB
4 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 477
fonts.googleapis.com — Cisco Umbrella Rank: 67
9 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
297 KB
4 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 5966
api.privacy-center.org — Cisco Umbrella Rank: 8695
89 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
165 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 454
2 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 511
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 630
2 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 492
701 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 748
642 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 670
647 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1156
523 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 569
1 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 472
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 406
738 B
2 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 5240
ssbsync.smartadserver.com — Cisco Umbrella Rank: 861
444 B
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 541
12 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1017
859 B
2 googleusercontent.com
afs.googleusercontent.com — Cisco Umbrella Rank: 9940
999 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 826
458 B
2 cloudfront.net
dnlgm0m0r44nl.cloudfront.net
16 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1143
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57
21 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 733
script.hotjar.com — Cisco Umbrella Rank: 1102
73 KB
1 notix.io
notix.io
266 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 390
730 B
1 admanmedia.com
cs.admanmedia.com
660 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1076
832 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 548
668 B
1 iqzone.com
cs.iqzone.com — Cisco Umbrella Rank: 1757
175 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1350
192 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1077
310 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1953
422 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1560
3 KB
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1043
465 B
1 rtbsystem.com
cm.rtbsystem.com — Cisco Umbrella Rank: 4762
1 KB
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 625
817 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 578
684 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 758
885 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1292
600 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1101
420 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1086
409 B
1 btloader.com
btloader.com — Cisco Umbrella Rank: 1063
7 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2001
47 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 562
15 KB
212 61
Domain Requested by
24 images.sftcdn.net iobit-malware-fighter.softonic.cn
20 usersync.gumgum.com 1 redirects rtb.gumgum.com
15 sc.sftcdn.net iobit-malware-fighter.softonic.cn
sc.sftcdn.net
14 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
rtb.gumgum.com
ssum-sec.casalemedia.com
u.openx.net
12 securepubads.g.doubleclick.net iobit-malware-fighter.softonic.cn
securepubads.g.doubleclick.net
sc.sftcdn.net
www.datadoghq-browser-agent.com
daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
www.googletagservices.com
9 tpc.googlesyndication.com daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
9 cm.g.doubleclick.net 5 redirects rtb.gumgum.com
u.openx.net
s.amazon-adsystem.com
8 match.adsrvr.org 8 redirects
7 pagead2.googlesyndication.com www.googletagservices.com
www.datadoghq-browser-agent.com
tpc.googlesyndication.com
7 www.google.com iobit-malware-fighter.softonic.cn
www.google.com
tpc.googlesyndication.com
6 pixel.rubiconproject.com 3 redirects s.amazon-adsystem.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 fonts.gstatic.com fonts.googleapis.com
5 token.rubiconproject.com 4 redirects s.amazon-adsystem.com
4 hades.srvtrck.com js.srvtrck.com
hades.srvtrck.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
4 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
rtb.gumgum.com
4 daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.googletagmanager.com iobit-malware-fighter.softonic.cn
www.googletagmanager.com
sdk.privacy-center.org
3 www.googletagservices.com daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
3 fonts.googleapis.com daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
3 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
3 us-u.openx.net 1 redirects u.openx.net
3 pixel.tapad.com 3 redirects
3 x.bidswitch.net 3 redirects
3 sync.1rx.io 3 redirects
3 id5-sync.com softonic.cn
www.datadoghq-browser-agent.com
3 c.amazon-adsystem.com softonic.cn
www.datadoghq-browser-agent.com
3 softonic.cn iobit-malware-fighter.softonic.cn
softonic.cn
3 iobit-malware-fighter.softonic.cn 1 redirects softonic.cn
2 gum.criteo.com 1 redirects static.criteo.net
2 creativecdn.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ad.360yield.com 2 redirects
2 match.deepintent.com 1 redirects ssum-sec.casalemedia.com
2 b1sync.zemanta.com 2 redirects
2 secure.adnxs.com 2 redirects
2 eb2.3lift.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
2 ad.turn.com 2 redirects
2 afs.googleusercontent.com www.google.com
2 adservice.google.com securepubads.g.doubleclick.net
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev www.datadoghq-browser-agent.com
2 cdn.id5-sync.com iobit-malware-fighter.softonic.cn
securepubads.g.doubleclick.net
2 dnlgm0m0r44nl.cloudfront.net js.srvtrck.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.datadoghq-browser-agent.com
2 ad-delivery.net iobit-malware-fighter.softonic.cn
2 api.privacy-center.org sdk.privacy-center.org
2 www.google-analytics.com www.googletagmanager.com
iobit-malware-fighter.softonic.cn
2 sdk.privacy-center.org iobit-malware-fighter.softonic.cn
sdk.privacy-center.org
1 mug.criteo.com
1 sslwidget.criteo.com static.criteo.net
1 notix.io
1 i.srvtrck.com
1 search.srvtrck.com www.datadoghq-browser-agent.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 px.ads.linkedin.com s.amazon-adsystem.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 tg.socdm.com 1 redirects
1 sync.mathtag.com 1 redirects
1 cs.iqzone.com rtb.gumgum.com
1 sync.adkernel.com rtb.gumgum.com
1 sync.taboola.com 1 redirects
1 s.company-target.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 cm.rtbsystem.com 1 redirects
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 r.bidswitch.net 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 rtb.gumgum.com s.amazon-adsystem.com
1 sync.targeting.unrulymedia.com 1 redirects
1 lb.eu-1-id5-sync.com www.datadoghq-browser-agent.com
1 storage.googleapis.com iobit-malware-fighter.softonic.cn
1 analytics.google.com www.googletagmanager.com
1 ampcid.google.com www.datadoghq-browser-agent.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 ad.doubleclick.net iobit-malware-fighter.softonic.cn
1 aax.amazon-adsystem.com www.datadoghq-browser-agent.com
1 script.hotjar.com static.hotjar.com
1 js.srvtrck.com iobit-malware-fighter.softonic.cn
1 partner.googleadservices.com www.google.com
1 static.hotjar.com www.googletagmanager.com
1 btloader.com softonic.cn
1 www.datadoghq-browser-agent.com softonic.cn
1 static.criteo.net iobit-malware-fighter.softonic.cn
212 93

This site contains links to these domains. Also see Links.

Domain
www.softonic.cn
roblox.softonic.cn
chrome.softonic.cn
www.softonic-ar.com
de.softonic.com
en.softonic.com
www.softonic.com
fr.softonic.com
www.softonic-id.com
it.softonic.com
www.softonic.jp
www.softonic.kr
www.softonic.nl
www.softonic.pl
www.softonic.com.br
www.softonic.ru
www.softonic-th.com
www.softonic.com.tr
www.softonic.vn
malwarebytes-anti-malware.softonic.cn
spybot-search-destroy.softonic.cn
images.sftcdn.net
www.iobit.com
www.facebook.com
twitter.com
api.whatsapp.com
docs.google.com
iobit-malware-fighter.softonic.jp
iobit-malware-fighter.softonic-ar.com
iobit-malware-fighter.en.softonic.com
iobit-malware-fighter.softonic.com.br
iobit-malware-fighter.softonic-th.com
iobit-malware-fighter.softonic-id.com
iobit-malware-fighter.softonic.pl
iobit-malware-fighter.de.softonic.com
iobit-malware-fighter.softonic.nl
iobit-malware-fighter.softonic.com.tr
iobit-malware-fighter.softonic.com
iobit-malware-fighter.fr.softonic.com
iobit-malware-fighter.softonic.vn
iobit-malware-fighter.softonic.ru
iobit-malware-fighter.it.softonic.com
iobit-malware-fighter.softonic.kr
1111-w-warp.softonic.cn
spy-ad-exterminator.softonic.cn
spam-reader.softonic.cn
ads-alert.softonic.cn
spambayes.softonic.cn
windows-defender.softonic.cn
avast.softonic.cn
advanced-systemcare-ultimate.softonic.cn
combofix.softonic.cn
belkasoftramcapturer.softonic.cn
anti-spam-guard.softonic.cn
spam-bully.softonic.cn
runscanner.softonic.cn
zemana-antilogger.softonic.cn
utopia-p2p.softonic.cn
mail-box-dispatcher.softonic.cn
wipersoft.softonic.cn
clean-disk-security.softonic.cn
spyblocker.softonic.cn
spywarefighter.softonic.cn
clean-space.softonic.cn
hello.softonic.com
get-support.softonic.com
revamp.softonic.com
dev-support.softonic.com
www.linkedin.com
fetchrss.com
Subject Issuer Validity Valid
*.softonic.com
Don Dominio / MrDomain RSA DV CA		 2022-12-23 -
2023-12-22		 a year crt.sh
*.privacy-center.org
Amazon RSA 2048 M02		 2023-03-25 -
2024-04-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
s4-san.cloudinary.com
R3		 2023-04-06 -
2023-07-05		 3 months crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-14 -
2024-01-16		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-05 -
2023-08-05		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
api.privacy-center.org
Amazon RSA 2048 M02		 2023-03-01 -
2023-07-27		 5 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-06-07 -
2024-07-06		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.iqzone.com
Go Daddy Secure Certificate Authority - G2		 2023-04-05 -
2024-05-06		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
notix.io
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh

This page contains 31 frames:

Primary Page: https://iobit-malware-fighter.softonic.cn/
Frame ID: 7F641B71DF62369A103D8C660E51AF55
Requests: 102 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&sct=ID%3Ddcd92ea7b614117f%3AT%3D1686230886%3ART%3D1686230886%3AS%3DALNI_MZzruOGHoInqQ0-2GiTWwiad9c9tQ&sc_status=3&hl=zh&cpp=3&rpbu=https%3A%2F%2Fwww.softonic.cn%2Fs%2F%3Frscp%3Ddsk_rscp_zh_pp%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4&nocache=7171686230886936&num=0&output=afd_ads&domain_name=iobit-malware-fighter.softonic.cn&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686230886938&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=4746&frm=0&cl=537871741&uio=wi290-&cont=rscontainer&jsid=csa&jsv=537871741&rurl=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&adbw=master-1%3A290
Frame ID: 29FD29A7B05118F543D4612409B34335
Requests: 4 HTTP requests in this frame

Frame: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0D9696092BD45A67B9B07B479D344F88
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Frame ID: F0547917DDC24E347202987D02A87E48
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: E904974A2B4F859792F403B721E11381
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 5B7B326EE1F4A35C836E1F724A43CB01
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 5473F9E0C7CDE343C8973A781C46D7DE
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 987ECC97DCAEEA547BB41BC7B7638F18
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: FDDE2EAF81854465DA8768D82BFA0A23
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 1B7DEEC6F0C079521E180C94D4B3BCBA
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7241001127042410615&gdpr=0&gdpr_consent=
Frame ID: 5D4EC46E5161D9C3896F5615677ACB05
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1727900444351892618011
Frame ID: 17546E0B34C5F95AED02E7F3E9580704
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 1280198E16166548AC1D7555E0C2115A
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: 39B320CB6CBD13BF5FA6C7A7AB56FBCE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: C1440F52F3D7D45A9C3285F6F88FF1A4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=0a441050-130f-4faa-9817-71fafc854956
Frame ID: 1D433DAF6BDD4D34070E014776A6283B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=85ed6481-d768-4600-869f-20886a69d550&gdpr=&gdpr_consent=
Frame ID: 2610A9AB0E2ABDE03F7283EDBF966B00
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZIHXaAAQLCdviwBL&gdpr=&gdpr_consent=&_test=ZIHXaAAQLCdviwBL
Frame ID: 41E1087AD88800FFDA786A3BE2A4A116
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV81YTAwYmQzZi1mYTFhLTRkYzItYjA2ZC1hMWM5OTc3ZWM5MzI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: B485F66614E2A2626042352077664504
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZIHXaMCo5tEAANykFCYAAAAA
Frame ID: 59E9BACC1B642E22A6C84DEF227788EE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=1ea9a79a-6327-4e03-ae3a-1a3b3efe4f00
Frame ID: 8C3C229D23654EAAD490B1A7AF56BEB2
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: AF9BD8606D1530F08A5E69B881B06604
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=YXPRNcrJ7lpREJNe5rHO&pi=gumgum&tc=1
Frame ID: 0330B10E78321C4EFDF52910AE8C5736
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 8635583ED83F5A791EF7BA2B34627555
Requests: 3 HTTP requests in this frame

Frame: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 11D0298E0D8EC2F3FD8CAA2E3220451C
Requests: 11 HTTP requests in this frame

Frame: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F7EB284253C5A52A00523149433A1103
Requests: 9 HTTP requests in this frame

Frame: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2CE9D2C73CEDF46369D49E554E6A4DB7
Requests: 12 HTTP requests in this frame

Frame: https://hades.srvtrck.com/v2/uuid.html
Frame ID: 32E6DB7984934A5205ACB30EF468B1DB
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 47901CA43C67AA995A0186F983177BC7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BCA37CA5384E67FBCBAE69EA1230751C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=iobit-malware-fighter.softonic.cn&origin=onetag
Frame ID: 2B29D01328A4AFD8D5C4FBC920C37588
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IObit Malware Fighter 版 - 下载

Page URL History Show full URLs

  1. http://iobit-malware-fighter.softonic.cn/ HTTP 301
    https://iobit-malware-fighter.softonic.cn/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

212
Requests

85 %
HTTPS

38 %
IPv6

61
Domains

93
Subdomains

59
IPs

6
Countries

1881 kB
Transfer

5519 kB
Size

86
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://iobit-malware-fighter.softonic.cn/ HTTP 301
    https://iobit-malware-fighter.softonic.cn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Request Chain 101
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1686230888183 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2278487850 HTTP 302
  • https://sync.1rx.io/usersync/turn/8586564380717791997?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7ae8b7e3-8b29-4305-b08f-8db611fd254e-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-7ae8b7e3-8b29-4305-b08f-8db611fd254e-005 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-7ae8b7e3-8b29-4305-b08f-8db611fd254e-005
Request Chain 103
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 106
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 107
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7241001127042410615&gdpr=0&gdpr_consent=
Request Chain 108
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1727900444351892618011
Request Chain 110
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4051888546865684590
Request Chain 111
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=456b4b69-dd0a-4acc-85aa-daffd9807d36 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=456b4b69-dd0a-4acc-85aa-daffd9807d36&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dgumgum2%26bsw_param%3D456b4b69-dd0a-4acc-85aa-daffd9807d36 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=456b4b69-dd0a-4acc-85aa-daffd9807d36&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dgumgum2%26bsw_param%3D456b4b69-dd0a-4acc-85aa-daffd9807d36 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d044f0b0-8e39-4fcd-8aae-f0e51c9541d9%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dgumgum2%252526bsw_param%25253D456b4b69-dd0a-4acc-85aa-daffd9807d36%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0a441050-130f-4faa-9817-71fafc854956&ttd_puid=d044f0b0-8e39-4fcd-8aae-f0e51c9541d9%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dgumgum2%2526bsw_param%253D456b4b69-dd0a-4acc-85aa-daffd9807d36%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=gumgum2&bsw_param=456b4b69-dd0a-4acc-85aa-daffd9807d36 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=456b4b69-dd0a-4acc-85aa-daffd9807d36&gdpr=&gdpr_consent=&us_privacy=
Request Chain 112
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0a85bc50-c7c1-5123-545e-ff63a719c296$ip$96.9.249.40
Request Chain 113
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=336Qg1ufnM33vzqHdcZB&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHUZTGNSRM4YXKZTOJUZTG5T2OFEGIY22II HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHUZTGNSRM4YXKZTOJUZTG5T2OFEGIY22II HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=336Qg1ufnM33vzqHdcZB
Request Chain 114
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=bLM7FHTiJAdX&ev=1&pid=558355
Request Chain 115
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28gdmZ5zQcsNNv4rs2fzGi_bkpWOu4q71tWmFVxwq8iBnUdWj2iQ0LaW69kbWo0yGE%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28gdmZ5zQcsNNv4rs2fzGi_bkpWOu4q71tWmFVxwq8iBnUdWj2iQ0LaW69kbWo0yGE%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932&obuid=ENC(gdmZ5zQcsNNv4rs2fzGi_bkpWOu4q71tWmFVxwq8iBnUdWj2iQ0LaW69kbWo0yGE) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://cm.rtbsystem.com/usermatch/ob?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drtbsystem%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING%26us_privacy%3D$CCPA%26uid%3D%7Buserid%7D%26initiator%3Dplatform%26obUid%3DgdmZ5zQcsNNv4rs2fzGi_bkpWOu4q71tWmFVxwq8iBnUdWj2iQ0LaW69kbWo0yGE HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=23b3d329-bf12-58ca-b3da-068d6210bc0f&initiator=platform&obUid=gdmZ5zQcsNNv4rs2fzGi_bkpWOu4q71tWmFVxwq8iBnUdWj2iQ0LaW69kbWo0yGE
Request Chain 116
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=89b2cdb1-2f54-010e-3aba-a3dc9bf2209c
Request Chain 117
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-pFWdi3NE2peVclTheWu3tjHm220c0bOoPd9r~A
Request Chain 118
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=91109730-4e3f-4868-86dd-10c1a5f7e229
Request Chain 119
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=A42684DA40694E48B36D7397BF65523E
Request Chain 120
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_d941c3fecddf495391179
Request Chain 121
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=9d112edc-7c27-4fc9-bf5d-358db08c77a6
Request Chain 122
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=7241001127042410615
Request Chain 124
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIHXaLR1NnDOghLlfgqgVQAABYcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDOcVR8jzk4BHndejVd0z2Q&google_cver=1
Request Chain 126
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIHXaLR1NnDOghLlfgqgVQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPvttd0j15i0SahXcfbIr24&google_cver=1
Request Chain 127
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a441050-130f-4faa-9817-71fafc854956&expiration=1688822888&gdpr=0&gdpr_consent=
Request Chain 129
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702042088&external_user_id=9e72237e-0c6a-4e8b-a151-4ef2d23b9dd5
Request Chain 130
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZIHXaLR1NnDOghLlfgqgVQAA%261415&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a58d7523-cba2-48df-8309-7c9920e33ba0-tuctb7b5ce8
Request Chain 131
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8514506786679864061
Request Chain 136
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=0a441050-130f-4faa-9817-71fafc854956
Request Chain 137
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=85ed6481-d768-4600-869f-20886a69d550&gdpr=&gdpr_consent=
Request Chain 138
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZIHXaAAQLCdviwBL HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZIHXaAAQLCdviwBL&gdpr=&gdpr_consent=&_test=ZIHXaAAQLCdviwBL
Request Chain 140
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZIHXaMCo5tEAANykFCYAAAAA
Request Chain 144
  • https://match.adsrvr.org/track/cmf/openx?oxid=7e8f69c1-0741-3958-5dc1-b33153a221da&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=7e8f69c1-0741-3958-5dc1-b33153a221da&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0a441050-130f-4faa-9817-71fafc854956&ttd_puid=7e8f69c1-0741-3958-5dc1-b33153a221da&gdpr=0&gdpr_consent=
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFE_t_1elBYfeFRSB_Rnmj4&google_cver=1
Request Chain 147
  • https://cs.admanmedia.com/sync/gumgum?puid=u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=1ea9a79a-6327-4e03-ae3a-1a3b3efe4f00
Request Chain 149
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=YXPRNcrJ7lpREJNe5rHO&pi=gumgum&tc=1
Request Chain 150
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 167
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LIN6C0RT-25-JG5X HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LIN6C0RT-25-JG5X&ex=d-rubiconproject.com&status=ok
Request Chain 169
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElONkMwUlQtMjUtSkc1WA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMZfx_ziNCN3CzNsQ2LEYNA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElONkMwUlQtMjUtSkc1WA==&google_push=
Request Chain 170
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/TOz1wyEfYMA8_djtwa6Rwsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nyeuS7tE2oIFydJLbKWSZa1afKbzRswxGT3s3Q--~A
Request Chain 171
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIN6C0RT-25-JG5X
Request Chain 172
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0a441050-130f-4faa-9817-71fafc854956&gdpr=0&gdpr_consent=&expires=30
Request Chain 173
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Mv0hjKLxSV6DvsTooS8PdQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Mv0hjKLxSV6DvsTooS8PdQ
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ-sjz-9XBtLctIlBLWiMDs&google_cver=1
Request Chain 176
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGRjMzk4NWFlMmFjNmZlNWY5OTI0MzE2MzNmYzg2MThiZGJhN2NkNQ
Request Chain 186
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LIN6C0RT-25-JG5X HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LIN6C0RT-25-JG5X
Request Chain 214
  • https://gum.criteo.com/sid/json?origin=onetag&domain=softonic.cn&sn=ChromeSyncframe&so=0&topUrl=iobit-malware-fighter.softonic.cn&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=zS1yoXxRMzdjeUFnOEZxYVBIMjAxdnVtVTdjZnFwTFdsMElHbElZS2ZLbzUvUktsS21QSFBhS0Vydytta3c4a051NzNlcnNGNmQzdmZjSm9nNkxoMGN5RGFvT2JBcGpzYWo0UXpHUzByY3ZPTGh2Z0VRd09zMzVBczNuTnRKam1wK3VVa1NWR3NweitqVmZvZmxGUzFrRWg1OXArYnNNQi9zUytGbTQwVlNkb1NMVTZHYWRnNS8vYWIyeGMrdnluZU9mc3o5SkZ5dmdSU29RS1RVZVV3NzdpRmxXZEI3R0tMc1FPUFFLYUZCZ0ZTeEFqMlBQWENXOHFTa0w1VzdnZTFaUTZWbXdNNkM0MjJLNzBWdDRkdUR0LzJ1dz09fA&cppv=2

212 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
iobit-malware-fighter.softonic.cn/
Redirect Chain
  • http://iobit-malware-fighter.softonic.cn/
  • https://iobit-malware-fighter.softonic.cn/
308 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
2ed85722b143d0c54f95a355a412a8de294c019139a670b65f515189b932fbc3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
br
content-language
zh-CN
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Thu, 08 Jun 2023 13:28:05 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
user-agent,accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-detected-as
desktop
x-envoy-upstream-service-time
178
x-frame-options
sameorigin
x-is-bot
false
x-page-id
app
x-rendered-as
desktop
x-request-id
e4dcbf84-7c24-417b-8392-27e37907ba6b
x-served-by
server-b48cbcc4c-czmm9
x-version
1.5872.0
x-xss-protection
1

Redirect headers

Via
1.1 google
cache-control
no-cache
content-length
0
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Thu, 08 Jun 2023 13:28:05 GMT
location
https://iobit-malware-fighter.softonic.cn/
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
x-content-type-options
nosniff
x-envoy-upstream-service-time
9
x-frame-options
sameorigin
x-request-id
20b3833b-a173-4190-8cce-ef0d54a33dfb
x-served-by
server-b48cbcc4c-h8tnm
x-version
1.5872.0
x-xss-protection
1
loader.js
sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/ 		53 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=softonic.cn
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:6600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0f4a47d882fa70b3e4d9fd09fe39f679587dfb4ec5328b04b2096df1bb516d34

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 12:28:30 GMT
content-encoding
gzip
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
x-didomi-remote-config-source
Lambda
server
CloudFront
x-amz-cf-pop
JFK50-P5
age
3575
etag
"51ad0ff03b547b6207079966ff915ae6"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
10308
x-amz-cf-id
h3U28cerkhlHzuuZk53U5ugXRF3DsN341uWi4-T7rAlPnSDELSiONA==
gtm.js
www.googletagmanager.com/ 		400 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
44900482b51fe7f0be37b2821a6601cd9b4c9a29876e69252898ea0163c162d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114500
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Jun 2023 13:28:05 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a81cb956c106059e677fe59e2068043c526758509a728bfb0410bd67810ade7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25254
x-xss-protection
0
server
cafe
etag
941 / 19516 / m202306010101 / config-hash: 9074073763038175863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 08 Jun 2023 13:28:05 GMT
ads.js
www.google.com/adsense/search/ 		140 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/ads.js
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74cfe810b9c516f53664b35c4f89e90073fbbd03da994fc299636dc0bc3ae23d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"13279118432341385747"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Thu, 08 Jun 2023 13:28:05 GMT
sft-prebid.js
softonic.cn/revamp/ 		304 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://softonic.cn/revamp/sft-prebid.js
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
65a5f06c8dff9cd0ceb7c0e4b48d917bdc8ed613a0cb281e1cc82a4cefb2a2ed

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Origin
https://iobit-malware-fighter.softonic.cn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-version
1.1116.0
date
Thu, 08 Jun 2023 13:28:05 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
14352
x-cache
HIT, HIT
x-envoy-upstream-service-time
7
x-region
MA
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87893
x-request-id
9aac2153-c6bb-42e2-b818-4729262a30c4
x-served-by
cache-ams21030-AMS, cache-bfi-krnt7300028-BFI
x-platform-version
NT 10.0
x-browser-version
114.0.5735.106
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1686230886.906818,VS0,VE0
etag
W/"484a0a90a172e05746b39a619b64b665"
x-browser-name
Chrome
vary
Accept-Encoding,x-country-code,x-device-platform
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
US
x-cache-hits
1, 129
ld.js
static.criteo.net/js/ld/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 17 May 2023 12:05:15 GMT
server
nginx
etag
W/"6464c2fb-b219"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Jun 2023 13:28:05 GMT
72c3f-d5e4a.mjs
sc.sftcdn.net/scripts/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/72c3f-d5e4a.mjs
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
344d910c159876ec52b39cc4644cfcfe0225114476f99da15b60804d5e4fc854

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Origin
https://iobit-malware-fighter.softonic.cn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Fri, 31 May 2024 09:39:31 GMT
date
Thu, 08 Jun 2023 13:28:05 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
618515
x-cache
HIT, HIT
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13655
x-served-by
cache-ams21077-AMS, cache-yyz4531-YYZ
last-modified
Thu, 01 Jun 2023 09:32:58 GMT
server
istio-envoy
x-timer
S1686230886.792306,VS0,VE0
etag
W/"647865ca-bfa0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
92, 8
23986-3b9a8.mjs
sc.sftcdn.net/scripts/ 		94 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/23986-3b9a8.mjs
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
b7699910e9f9c4c1b19c137d93844f7b5a145384686cf85ff9c4659939dc9e0c

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Origin
https://iobit-malware-fighter.softonic.cn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Thu, 06 Jun 2024 07:23:44 GMT
date
Thu, 08 Jun 2023 13:28:05 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
108261
x-cache
HIT, HIT
x-envoy-upstream-service-time
4
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
20868
x-served-by
cache-ams12770-AMS, cache-yyz4531-YYZ
last-modified
Tue, 06 Jun 2023 09:45:06 GMT
server
istio-envoy
x-timer
S1686230886.792631,VS0,VE0
etag
W/"647f0022-178ea"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
5, 37
iobit-malware-fighter-Malware%20Fighter%208_icon_size256.png
images.sftcdn.net/images/t_app-icon-s/p/0a67c93e-96d5-11e6-9c20-00163ed833e7/83624439/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/0a67c93e-96d5-11e6-9c20-00163ed833e7/83624439/iobit-malware-fighter-Malware%20Fighter%208_icon_size256.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1a89b0d8913bd738c82202577aaa5c5125e75e691c9f7e880421ed33f64833db
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:50:07 GMT
server
Cloudinary
etag
"5141c50c0129ef5f532e3df72b0d5567"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="83624439.webp"
server-timing
cld-akam;dur=29;start=2023-06-08T13:28:05.977Z;desc=miss,rtt;dur=24,cloudinary;dur=115;start=2023-06-08T12:17:10.576Z, ak_p; desc="1686230885990_388099671_197263649_1330_2893_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
4198
iobit-malware-fighter-1.Main%20Screen.png
images.sftcdn.net/images/t_app-cover-s,f_auto/p/0a67c93e-96d5-11e6-9c20-00163ed833e7/3836949755/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-cover-s,f_auto/p/0a67c93e-96d5-11e6-9c20-00163ed833e7/3836949755/iobit-malware-fighter-1.Main%20Screen.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
8b077b5f9babf877ed023e27e7c25e2a2732e5de2a83eefc79c1dbea39069956
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="3836949755.webp"
server-timing
cld-akam;dur=42;start=2023-06-08T13:28:05.977Z;desc=hit-near,rtt;dur=24, ak_p; desc="1686230885990_388099671_197263650_2608_3186_24_0_219";dur=1
content-length
6466
last-modified
Mon, 22 Nov 2021 14:43:10 GMT
server
Cloudinary
etag
"757deb7daf797942de1de06c00bb9699"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
5bba3-e5711.woff2
sc.sftcdn.net/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/5bba3-e5711.woff2
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Origin
https://iobit-malware-fighter.softonic.cn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Tue, 21 May 2024 23:01:06 GMT
date
Thu, 08 Jun 2023 13:28:05 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
1434419
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
12698
x-served-by
cache-ams12758-AMS, cache-yyz4531-YYZ
last-modified
Mon, 22 May 2023 10:21:27 GMT
server
istio-envoy
x-timer
S1686230886.792708,VS0,VE0
etag
W/"646b4227-319c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
87, 8
sft-bundle.js
softonic.cn/revamp/ 		342 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://softonic.cn/revamp/sft-bundle.js?modern=1
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
9751d779ee946613ec1801770348ecc5a3bcd5e026492e9423c3aecdc7d16d01

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Origin
https://iobit-malware-fighter.softonic.cn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-version
1.1116.0
date
Thu, 08 Jun 2023 13:28:05 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
14706
x-cache
HIT, HIT
x-envoy-upstream-service-time
7
x-region
MA
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70127
x-request-id
152d7f09-0fe4-459e-9239-4e503aab1c8b
x-served-by
cache-ams12763-AMS, cache-bfi-krnt7300058-BFI
x-platform-version
NT 10.0
x-browser-version
114.0.5735.106
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1686230886.906881,VS0,VE0
etag
W/"318482d0a1502713f86b7a376a5eebd2"
x-browser-name
Chrome
vary
Accept-Encoding,x-device-platform
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
US
x-cache-hits
2, 283
e1d66-3fd19.css
sc.sftcdn.net/styles/ 		114 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/e1d66-3fd19.css
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4ee3f406a9c09f5e1f4674a792ef5398ea686c5d5e81775abc32863ac741297f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Wed, 29 May 2024 10:40:05 GMT
date
Thu, 08 Jun 2023 13:28:05 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
787680
x-cache
HIT, HIT
x-envoy-upstream-service-time
6
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17746
x-served-by
cache-ams12740-AMS, cache-yyz4575-YYZ
last-modified
Mon, 29 May 2023 15:26:41 GMT
server
istio-envoy
x-timer
S1686230886.824393,VS0,VE0
etag
W/"6474c431-1c6fc"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
174, 25
40150-89a48.css
sc.sftcdn.net/styles/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/40150-89a48.css
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
74e9e0b0ddf0f5ca3ef65df8d565cce03a7612817ff6dde265f2222fb85a2525

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Tue, 28 May 2024 10:25:08 GMT
date
Thu, 08 Jun 2023 13:28:05 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
874977
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2849
x-served-by
cache-ams12764-AMS, cache-yyz4575-YYZ
last-modified
Mon, 29 May 2023 10:12:06 GMT
server
istio-envoy
x-timer
S1686230886.824716,VS0,VE0
etag
W/"64747a76-2f14"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
38, 64
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
585ea-68c47.woff2
sc.sftcdn.net/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/585ea-68c47.woff2
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Origin
https://iobit-malware-fighter.softonic.cn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:03:59 GMT
date
Thu, 08 Jun 2023 13:28:05 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
3727447
x-cache
HIT, HIT
x-envoy-upstream-service-time
5
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16706
x-served-by
cache-ams21069-AMS, cache-yyz4531-YYZ
last-modified
Tue, 25 Apr 2023 16:38:22 GMT
server
istio-envoy
x-timer
S1686230886.811286,VS0,VE0
etag
W/"644801fe-4144"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
16184, 9
d1174-0627e.woff2
sc.sftcdn.net/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/d1174-0627e.woff2
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Origin
https://iobit-malware-fighter.softonic.cn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:04:01 GMT
date
Thu, 08 Jun 2023 13:28:05 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
3727444
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17553
x-served-by
cache-ams21076-AMS, cache-yyz4531-YYZ
last-modified
Tue, 25 Apr 2023 16:38:22 GMT
server
istio-envoy
x-timer
S1686230886.824821,VS0,VE0
etag
W/"644801fe-4490"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
3204, 8
fa090-0d026.svg
sc.sftcdn.net/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sc.sftcdn.net/images/fa090-0d026.svg
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
2088f5aa1ebfab0d8de47886b0418c34f5b36d5b19286b9c87616547dfa3562d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Wed, 29 May 2024 22:51:42 GMT
date
Thu, 08 Jun 2023 13:28:06 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
743783
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2107
x-served-by
cache-ams21030-AMS, cache-yyz4575-YYZ
last-modified
Tue, 30 May 2023 15:54:15 GMT
server
istio-envoy
x-timer
S1686230886.035623,VS0,VE0
etag
W/"64761c27-12b0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1628, 60
b94b1-d9c76.css
sc.sftcdn.net/styles/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/b94b1-d9c76.css
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Wed, 22 May 2024 02:49:48 GMT
date
Thu, 08 Jun 2023 13:28:06 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
1420698
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1856
x-served-by
cache-ams12746-AMS, cache-yyz4551-YYZ
last-modified
Mon, 22 May 2023 10:21:27 GMT
server
istio-envoy
x-timer
S1686230886.438810,VS0,VE0
etag
W/"646b4227-12d9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
26, 6
sdk.19e71ca0706168ae5cffa2a1271ead0db6b070c9.js
sdk.privacy-center.org/sdk/19e71ca0706168ae5cffa2a1271ead0db6b070c9/modern/ 		311 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/19e71ca0706168ae5cffa2a1271ead0db6b070c9/modern/sdk.19e71ca0706168ae5cffa2a1271ead0db6b070c9.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=softonic.cn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:6600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
508d8f59b7207512bce7aecf9eff62c2c8eb048065b60d53b735704529294b73

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 09:31:48 GMT
content-encoding
gzip
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jun 2023 09:27:27 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1686216151/ctime:1686216152/gid:0/gname:root/md5:ddf0a07381f46f99d61e52bcb865dfda/mode:33188/mtime:1686216152/uid:0/uname:root
x-amz-cf-pop
JFK50-P5
age
14179
etag
W/"ddf0a07381f46f99d61e52bcb865dfda"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
Thsj2c8Onzfv8UvqtRhig4IAHvIsfWM9OwLfI44Gm6HQhNL7HQHXiQ==
datadog-rum-v4.js
www.datadoghq-browser-agent.com/ 		140 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: softonic.cn
URL: https://softonic.cn/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.224.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-224-171.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ef4ec79abf2124328933f87b397b40528f041cad0684e42b0b8c24bea5eac31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:27:49 GMT
content-encoding
gzip
via
1.1 e60afe88b840ada9af7b8a328e52a866.cloudfront.net (CloudFront)
last-modified
Mon, 15 May 2023 16:08:38 GMT
server
AmazonS3
x-amz-cf-pop
JFK51-C1
age
18
x-amz-server-side-encryption
AES256
etag
W/"da9010ded1146d56a7457c67db4dedd1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
vUJnMAkTYa_zWmmviTmT-vzqpf0QR-zJy6bAIq4ICOyLsAQJjTXG7A==
sft-bundle.js
softonic.cn/revamp/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://softonic.cn/revamp/sft-bundle.js?modern=1
Requested by
Host: softonic.cn
URL: https://softonic.cn/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-version
1.1116.0
date
Thu, 08 Jun 2023 13:28:06 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
14706
x-cache
HIT, HIT
x-envoy-upstream-service-time
30
x-region
MA
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70127
x-request-id
152d7f09-0fe4-459e-9239-4e503aab1c8b
x-served-by
cache-ams12763-AMS, cache-bfi-krnt7300081-BFI
x-platform-version
NT 10.0
x-browser-version
114.0.5735.106
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1686230886.316911,VS0,VE0
etag
W/"318482d0a1502713f86b7a376a5eebd2"
x-browser-name
Chrome
vary
Accept-Encoding,x-device-platform
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
US
x-cache-hits
2, 510
apstag.js
c.amazon-adsystem.com/aax2/ 		228 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: softonic.cn
URL: https://softonic.cn/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5455fe11eef6ea9da6fd8b89ec7d0376cf18b8d863a31fd6f4e13225055049a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:01:22 GMT
content-encoding
gzip
via
1.1 ffa4b37ccdc94a8c62bf6b6414725210.cloudfront.net (CloudFront), 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 19:17:48 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
1605
x-amz-server-side-encryption
AES256
etag
W/"164d5b26a12963e375c4bac3b8c240e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
m2MfzgXn7iizuJJqOn2jKYAnyP962BHJ2oppWC7gw3AF8wDagtQlXw==
tag
btloader.com/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5633429348548608&domain=softonic.com&upapi=true
Requested by
Host: softonic.cn
URL: https://softonic.cn/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
625a58209585a0233f023ab9973809edaf28b1446402edc069ff71d4533881b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Jun 2023 13:14:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
759
etag
W/"e9547c1eea13e61846e95034e6e871ee"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3nFRsLx0rin4HlvkzJ%2BNNIIqZPt8lLuBCZAAV%2BwyHTLxd1Od3ztweWbCLiQduptPOP96m39qZ17TT7Pi1YJRHZBdv9YsthvsCuD2d5ID7aygQ7KdNLRTiK5nI%2BhB42owARshuVMxZ8EJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7d4179e07f861a44-EWR
hotjar-424839.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-424839.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-124.jfk50.r.cloudfront.net
Software
/
Resource Hash
bbd57bb329c05d9419f71743bb8e6eb5251fe1e3b5dcb3e5dc510d00498bbbd8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 08 Jun 2023 13:27:40 GMT
via
1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
27
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/0b6bad69b3b2c91192dc1d7cf81ea661
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
Q5pbAIb45vOhw-pxEsOa94ZPhH5A1qUqN420ZRX4lYGd9RRcJH3_Ag==
js
www.googletagmanager.com/gtag/ 		139 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-631321069&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e95b920bf073e6be14a5d5af42251ca723c8759964eab59456cb4e5535850851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54437
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Jun 2023 13:28:06 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/ 		406 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:58:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
66549
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128351
x-xss-protection
0
server
cafe
etag
10410007902637205610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 06 Jun 2024 18:58:57 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		182 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=iobit-malware-fighter.softonic.cn
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
524bd626e49968f902cbdac319e96860286ead2b2cc3acdfd3b7399a32ebf7f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
expires
Thu, 08 Jun 2023 13:28:06 GMT
cookie.js
partner.googleadservices.com/gampad/ 		376 B
409 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=iobit-malware-fighter.softonic.cn&client=softonic&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
431c129d1825b951917ade90bc12eeffa0c593dfabedb9065863661e80a8774d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
242
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 08 Jun 2023 12:11:08 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4618
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Thu, 08 Jun 2023 14:11:08 GMT
js
js.srvtrck.com/v1/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.srvtrck.com/v1/js?api_key=937717f2ba3900dbf10df23aba52974b&site_id=b772ff73d6da4b6aaec7377ff6ead554
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cedb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95e43e9195d0e8609b7da5f62f50bb235602833541ba49f8bff83a69133b9a5a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Jun 2023 03:04:28 GMT
server
cloudflare
age
25049
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
p3p
CP="CAO PSA OUR"
cache-control
public, max-age=86400
cf-ray
7d4179e0dd8ad153-BUF
alt-svc
h3=":443"; ma=86400
expires
Fri, 09 Jun 2023 13:28:06 GMT
js
www.googletagmanager.com/gtag/ 		221 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
63138680bf8ed8595f713c7aca78cde07dce052fe529e7acca220534a334ca16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80182
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 08 Jun 2023 13:28:06 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		164 B
131 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.softonic.cn
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-3b9a8.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb04b277239f642673bd24a99cef7058cd4d8a795417d75abe2e7e63d9290327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
x-xss-protection
0
expires
Thu, 08 Jun 2023 13:28:06 GMT
chunk6-eb0f32.mjs
sc.sftcdn.net/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk6-eb0f32.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-3b9a8.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
8c9bcb9bf936acdbc6227923a32372aeb51c09d5e3de1d898ed27fcdf8698749

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Fri, 31 May 2024 15:04:38 GMT
date
Thu, 08 Jun 2023 13:28:06 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
599008
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3515
x-served-by
cache-ams12724-AMS, cache-yyz4551-YYZ
last-modified
Thu, 01 Jun 2023 14:57:49 GMT
server
istio-envoy
x-timer
S1686230886.469929,VS0,VE0
etag
W/"6478b1ed-2d7a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
49, 5
prebid
id5-sync.com/api/config/ 		135 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: softonic.cn
URL: https://softonic.cn/revamp/sft-prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
1e8565c2fefd99bae229bf5912b8a400f64eed0f6e6762f7101771328ea1bd48
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iobit-malware-fighter.softonic.cn
date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
best-recommended-apps
iobit-malware-fighter.softonic.cn/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iobit-malware-fighter.softonic.cn/best-recommended-apps?appId=0a67c93e-96d5-11e6-9c20-00163ed833e7&categoryId=anti-spam-anti-spy&pageId=app&developerSlug=iobit-information-technology&platformId=windows&locale=zh-CN&programName=IObit+Malware+Fighter&browserName=chrome&browserVersion=114.0.5735.106&countryCode=US&deviceType=desktop&isEU=false&isCalifornia=false&region=MA&userPlatformId=windows&userPlatformVersion=10.0&placementId=download-intent&position=15
Requested by
Host: softonic.cn
URL: https://softonic.cn/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
d38b1a420da22c0fc8aba72117f35b7b9383ca3800862ffdc3bd87ce42ee7966

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-version
3.32.0
date
Thu, 08 Jun 2023 13:28:06 GMT
via
1.1 google
x-winner-campaign-logic
sov
x-user-platform
windows
x-winner-campaign-id
winzip-compression
x-resource-id
BestRecommendedApp
x-envoy-upstream-service-time
16
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5234
x-served-by
server-64ff5c584d-5jqnz
server
istio-envoy
x-operation-id
getBestRecommendedApp
x-publisher-id
sft
vary
origin
content-type
application/json; charset=utf-8
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
x-suitable-campaigns-count
4
accept-ranges
bytes
x-country-code
US
current
api.privacy-center.org/v1/locations/ 		40 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.privacy-center.org/v1/locations/current?fields[]=country_code&fields[]=region_code
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/19e71ca0706168ae5cffa2a1271ead0db6b070c9/modern/sdk.19e71ca0706168ae5cffa2a1271ead0db6b070c9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:6c00:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
55905f7b3c0cb367751791a71d4c4c6518d40275f764685a0cbf00ffec6a8804
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
40
x-xss-protection
1; mode=block
etag
W/"28-wHiac1ydCP02hf5BtPgUzN+Jpvs"
x-download-options
noopen
x-frame-options
SAMEORIGIN
allow
GET
content-type
application/json; charset=utf-8
vary
Accept
access-control-allow-origin
*
cache-control
max-age=3600, private
x-amz-cf-id
0e493ZTId5tA47bKxvxPmQB6_VZCVic2UOBFPgqo3L2Zh81LuXm1Dw==
current
api.privacy-center.org/v1/locations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.privacy-center.org/v1/locations/current?fields[]=country_code&fields[]=region_code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:6c00:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://iobit-malware-fighter.softonic.cn
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
date
Thu, 08 Jun 2023 13:28:06 GMT
vary
Access-Control-Request-Headers
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
x-amz-cf-id
WDB0Y75OcQVCzKei5mb-gZXmcAe_pLluhs39Uwln78EcK6RosU5M9g==
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
x-powered-by
Express
modules.7e75e9d610d16e1e8ef4.js
script.hotjar.com/ 		269 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.7e75e9d610d16e1e8ef4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-424839.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-77.jfk50.r.cloudfront.net
Software
/
Resource Hash
8bd9a27a2d1cd3d74f69b3b687467eb93ee4171ed6a7c43156f5940bc2010888
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 10:59:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
8939
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
69948
last-modified
Thu, 08 Jun 2023 10:58:41 GMT
etag
"35276aabf733b093929a708bf144ce01"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
g2x1sylvmr5mC3abRtCANpYpr01YJTikdNdHGzIdzbvcxrY6SMqd3Q==
config
c.amazon-adsystem.com/cdn/prod/ 		470 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3177&u=https%3A%2F%2Fiobit-malware-fighter.softonic.cn
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
8117ea09b5caab594dd88ba8826f107ef9f3a5f91e36b1f89672b03dc33ae48e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:05 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://iobit-malware-fighter.softonic.cn
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
470
x-amz-cf-id
ePdX-0YLhWp55g_xgs-jm9Q4bqnLAZ_S9pNr2JtbR4q9fmcW1IQwsw==
bid
aax.amazon-adsystem.com/e/dtb/ 		137 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3177&u=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&pid=dl1Ekfjntt30A&cb=0&ws=1600x1200&v=23.517.1921&t=600&slots=%5B%7B%22sd%22%3A%22top-mpu-1__ad%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x180%22%2C%22300x150%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-zh%2FApps%2FProgrampage%2FATF_MPU_First%22%7D%2C%7B%22sd%22%3A%22top-leaderboard-1__ad%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22960x90%22%2C%22950x90%22%2C%22728x90%22%2C%22500x90%22%2C%22468x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-zh%2FApps%2FProgrampage%2FATF_Leaderboard_First%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
80cd4bb42ae5db873104aef0b9cb4f6e55d72ea7440eae108640d9779d258c14
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5a7c529ef93438ca768c3432355a6e72.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
ZAXVXA1AVV4CV9XKACEK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://iobit-malware-fighter.softonic.cn
access-control-allow-credentials
true
timing-allow-origin
*
content-length
137
x-amz-cf-id
FXaOo2nTOAeUvHRWSqqfXr6AYv53-CwrFFBrWG8hAxGy_yeLXiuEKw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
x-amz-version-id
Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding
gzip
via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Fri, 26 May 2023 01:35:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
DODZ1VI4_RkDC_ZMv5K50Lk9IT5_0ryzP3a9LWN7gUvvXqFrMOgsqw==
1111-w-warp-icon.jpg
images.sftcdn.net/images/t_app-icon-s/p/a7e76865-c6fd-44a7-8ceb-75d8ee636c64/475930328/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/a7e76865-c6fd-44a7-8ceb-75d8ee636c64/475930328/1111-w-warp-icon.jpg
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
f14e3b1f0c6360b1c162e6d7ea1666ed6822f1a09122e3bb0010847509943ab8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:29:51 GMT
server
Cloudinary
etag
"f447741a8a9327a29b8f7a4f50088bd4"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="475930328.webp"
server-timing
cld-akam;dur=36;start=2023-06-08T13:28:06.806Z;desc=hit-near,rtt;dur=24, ak_p; desc="1686230886810_388099671_197266148_2929_2672_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
1986
f1936-d9195.png
sc.sftcdn.net/images/ 		532 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sc.sftcdn.net/images/f1936-d9195.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
8e15341f963cdd48221f957ac1d098aa438b596ac8cdecf70be9bc3195c1f5da

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:04:00 GMT
date
Thu, 08 Jun 2023 13:28:06 GMT
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
3727447
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
532
x-served-by
cache-ams21082-AMS, cache-yyz4551-YYZ
last-modified
Tue, 25 Apr 2023 16:38:21 GMT
server
istio-envoy
x-timer
S1686230887.791360,VS0,VE0
etag
"644801fd-214"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
6157, 2
spam-reader-logo.jpg
images.sftcdn.net/images/t_app-icon-s/p/617b5a50-9b36-11e6-bace-00163ed833e7/26443158/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/617b5a50-9b36-11e6-bace-00163ed833e7/26443158/spam-reader-logo.jpg
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
e85624573524f9f1cb5957b3a235d29549a2333233980948ebe72e9640631142
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 12:43:27 GMT
server
Cloudinary
etag
"f90c3ed136540fd6aa8f07b2f7f4ba90"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="26443158.webp"
server-timing
cld-akam;dur=106;cpu=44;start=2023-06-08T13:28:06.797Z;desc=miss,rtt;dur=24,cloudinary;dur=60;start=2023-06-08T13:28:06.823Z, ak_p; desc="1686230886800_388099671_197266149_9956_2595_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
2448
malwarebytes-anti-malware-icon.png
images.sftcdn.net/images/t_app-icon-s/p/04cdb438-96d1-11e6-ac69-00163ed833e7/1339587476/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/04cdb438-96d1-11e6-ac69-00163ed833e7/1339587476/malwarebytes-anti-malware-icon.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
b1cddc4c14c6738e1c16f8fe5fffd28e52ab7af3024e4a54a4fd5d492c8c33c7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:50:07 GMT
server
Cloudinary
etag
"5436826794d3beb7e20a49ee356d97d0"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1339587476.webp"
server-timing
cld-akam;dur=90;cpu=44;start=2023-06-08T13:28:06.796Z;desc=miss,rtt;dur=24,cloudinary;dur=43;start=2023-06-08T13:28:06.831Z, ak_p; desc="1686230886799_388099671_197266150_8276_4175_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
1620
windows-defender-800px-Windows_Defender_logo.svg.png
images.sftcdn.net/images/t_app-icon-s/p/3d621984-96d0-11e6-8bec-00163ec9f5fa/2555926723/ 		616 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/3d621984-96d0-11e6-8bec-00163ec9f5fa/2555926723/windows-defender-800px-Windows_Defender_logo.svg.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
ab9e2fa2d00f6af1986e12b6bdee984d599b0cd890c3c145562da520a8d31ee4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:28:39 GMT
server
Cloudinary
etag
"f933d621de06a9e4b7e056dfac87a656"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2555926723.webp"
server-timing
cld-akam;dur=37;start=2023-06-08T13:28:06.795Z;desc=hit-near,rtt;dur=24, ak_p; desc="1686230886799_388099671_197266151_2960_4142_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
616
spybot-search-destroy-Spyboticon.png
images.sftcdn.net/images/t_app-icon-s/p/4c3f9e3a-96d1-11e6-8cae-00163ec9f5fa/2027831089/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/4c3f9e3a-96d1-11e6-8cae-00163ec9f5fa/2027831089/spybot-search-destroy-Spyboticon.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
e2ffcffb1c4e27f20814447760fddc99854dc0fe20be26e1cde55eb69455245a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:54:58 GMT
server
Cloudinary
etag
"f520b73c227288e9f721a90f570eb3a1"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2027831089.webp"
server-timing
cld-akam;dur=109;cpu=42;start=2023-06-08T13:28:06.796Z;desc=miss,rtt;dur=24,cloudinary;dur=66;start=2023-06-08T13:28:06.824Z, ak_p; desc="1686230886799_388099671_197266152_10344_2626_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
1810
avast-Avast_Symbol_V2_Positive_Orange_256x256.png
images.sftcdn.net/images/t_app-icon-s/p/2d9f9134-96d0-11e6-bf8f-00163ec9f5fa/1408299994/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/2d9f9134-96d0-11e6-bf8f-00163ec9f5fa/1408299994/avast-Avast_Symbol_V2_Positive_Orange_256x256.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
2dce3035cfadf3932bd8bd977f5d9c11e1e49df39092c4de36968fbbf0d81a04
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 06 Feb 2023 17:32:36 GMT
server
Cloudinary
etag
"06d2b62f46d039cff41e8923f130b871"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1408299994.webp"
server-timing
cld-akam;dur=22;start=2023-06-08T13:28:06.805Z;desc=hit-near,rtt;dur=24, ak_p; desc="1686230886810_388099671_197266153_1509_2717_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
2138
advanced-systemcare-ultimate-icon.png
images.sftcdn.net/images/t_app-icon-s/p/b3bdc7de-96d2-11e6-bae4-00163ed833e7/2243639147/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/b3bdc7de-96d2-11e6-bae4-00163ed833e7/2243639147/advanced-systemcare-ultimate-icon.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
a3a2b7074615ca95c09da5b4eda0abd409c4ea4b3e5a64bf90d563fd93428b2e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:08:36 GMT
server
Cloudinary
etag
"2058e5867b3ba8c0ae9f1055cf085939"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2243639147.webp"
server-timing
cld-akam;dur=28;start=2023-06-08T13:28:06.796Z;desc=miss,rtt;dur=24,cloudinary;dur=35;start=2023-06-08T11:26:48.966Z, ak_p; desc="1686230886799_388099671_197266154_2233_2456_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
4158
combofix-logo.png
images.sftcdn.net/images/t_app-icon-s/p/a933f1be-96d0-11e6-897b-00163ec9f5fa/2426762540/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/a933f1be-96d0-11e6-897b-00163ec9f5fa/2426762540/combofix-logo.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
c03a3a711cc0d81fce0accde711fe4979f1b56f84ab52f2874772045d8e37188
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:55:16 GMT
server
Cloudinary
etag
"ff4e01d7fe19e82a208c745404c7ec90"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2426762540.webp"
server-timing
cld-akam;dur=21;start=2023-06-08T13:28:06.803Z;desc=hit-near,rtt;dur=24, ak_p; desc="1686230886806_388099671_197266155_1606_2430_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
5444
belkasoftramcapturer-logo.png
images.sftcdn.net/images/t_app-icon-s/p/4292e316-a4d1-11e6-9c27-00163ed833e7/3645028709/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/4292e316-a4d1-11e6-9c27-00163ed833e7/3645028709/belkasoftramcapturer-logo.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
2c2087503381f85b10fa502da19a3b56077af284d4d60d620b902c9957729038
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 10:30:46 GMT
server
Cloudinary
etag
"95deb04f66299922763f0d3de15f76af"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3645028709.webp"
server-timing
cld-akam;dur=133;cpu=65;start=2023-06-08T13:28:06.796Z;desc=miss,rtt;dur=24,cloudinary;dur=65;start=2023-06-08T13:28:06.828Z, ak_p; desc="1686230886799_388099671_197266156_12683_2926_23_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
2274
spam-bully-logo.png
images.sftcdn.net/images/t_app-icon-s/p/3fc3575c-9b2f-11e6-a251-00163ed833e7/168639478/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/3fc3575c-9b2f-11e6-a251-00163ed833e7/168639478/spam-bully-logo.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
6b80472ac7d3c365cbef568dfc2e0c2bcd15e046b93576338d4f872ecb384e14
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 10:01:23 GMT
server
Cloudinary
etag
"5642a7a9542f0d3dbed4e532d7b2524a"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="168639478.webp"
server-timing
cld-akam;dur=31;start=2023-06-08T13:28:06.795Z;desc=miss,rtt;dur=24,cloudinary;dur=57;start=2023-06-07T15:36:16.886Z, ak_p; desc="1686230886799_388099671_197266157_2440_2927_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
1572
runscanner-logo.png
images.sftcdn.net/images/t_app-icon-s/p/41b88526-9b27-11e6-abf4-00163ec9f5fa/1916999262/ 		950 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/41b88526-9b27-11e6-abf4-00163ec9f5fa/1916999262/runscanner-logo.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
78f25d6cd821c8250eadd361a915e33a938783f1138e4adb14678f942fe1c130
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 10:30:35 GMT
server
Cloudinary
etag
"adf89696501954b623e90b3b567970af"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1916999262.webp"
server-timing
cld-akam;dur=135;cpu=50;start=2023-06-08T13:28:06.828Z;desc=miss,rtt;dur=24,cloudinary;dur=83;start=2023-06-08T13:28:06.860Z, ak_p; desc="1686230886830_388099671_197266245_13066_2165_23_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
950
zemana-antilogger-logo.png
images.sftcdn.net/images/t_app-icon-s/p/25111f12-9b29-11e6-b592-00163ec9f5fa/3161689967/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/25111f12-9b29-11e6-b592-00163ec9f5fa/3161689967/zemana-antilogger-logo.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
96bb42b23d3e2d7db6c944b3aa3a435c523a46e3821e3329a2366640b4867980
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 10:07:15 GMT
server
Cloudinary
etag
"d663e5e58e8106fbce545b408acd40c8"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3161689967.webp"
server-timing
cld-akam;dur=26;start=2023-06-08T13:28:06.828Z;desc=hit-near,rtt;dur=24, ak_p; desc="1686230886830_388099671_197266246_2110_2430_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
1670
utopia-p2p-Utopia%20P2P-icon.png
images.sftcdn.net/images/t_app-icon-s/p/e72a64e3-da98-4b6c-b3f0-1ff48335dd0c/1635828048/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/e72a64e3-da98-4b6c-b3f0-1ff48335dd0c/1635828048/utopia-p2p-Utopia%20P2P-icon.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
10a5808371592a9f07e1ecce9be088f66d9a6522e0de67bbc50dbc796eb459ea
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:58:05 GMT
server
Cloudinary
etag
"34a23aeb72851745bfac51e8b9c77343"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1635828048.webp"
server-timing
cld-akam;dur=35;start=2023-06-08T13:28:06.828Z;desc=hit-near,rtt;dur=24, ak_p; desc="1686230886831_388099671_197266247_2996_2168_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
1324
mail-box-dispatcher-logo.jpg
images.sftcdn.net/images/t_app-icon-s/p/cd1546a8-9b32-11e6-a24e-00163ed833e7/1212824619/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/cd1546a8-9b32-11e6-a24e-00163ed833e7/1212824619/mail-box-dispatcher-logo.jpg
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
5a9914278a034d94c2dc8ae70a27633ba580c10d63016ce00a614f92f73761c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:46:35 GMT
server
Cloudinary
etag
"3f1952074760c8110360e2d97ac29b25"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1212824619.webp"
server-timing
cld-akam;dur=171;cpu=86;start=2023-06-08T13:28:06.828Z;desc=miss,rtt;dur=24,cloudinary;dur=66;start=2023-06-08T06:05:23.894Z, ak_p; desc="1686230886831_388099671_197266248_16609_2282_23_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
1400
wipersoft-logo.png
images.sftcdn.net/images/t_app-icon-s/p/d1ad8b5c-a4d4-11e6-9dc9-00163ed833e7/3348702366/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/d1ad8b5c-a4d4-11e6-9dc9-00163ed833e7/3348702366/wipersoft-logo.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1ba820115749e3b6149b0e4f0fdf589c39f64c3ef2462ceb60eca6a5d4e512bb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:45:00 GMT
server
Cloudinary
etag
"7aea3755b45ddcd01f8681fc3cc18518"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3348702366.webp"
server-timing
cld-akam;dur=35;start=2023-06-08T13:28:06.828Z;desc=hit-near,rtt;dur=24, ak_p; desc="1686230886830_388099671_197266249_3035_2100_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
2784
spyblocker-logo.jpg
images.sftcdn.net/images/t_app-icon-s/p/eb5cdd78-9b29-11e6-99d9-00163ec9f5fa/2381463438/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/eb5cdd78-9b29-11e6-99d9-00163ec9f5fa/2381463438/spyblocker-logo.jpg
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
d553613fe7de8f08a345ab1d8e1c0c32ad646a72cc7e591c520f19ba7a7e6e31
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:12:00 GMT
server
Cloudinary
etag
"48b1e9f0630696915e2291a286e3fe8d"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2381463438.webp"
server-timing
cld-akam;dur=24;start=2023-06-08T13:28:06.828Z;desc=miss,rtt;dur=24,cloudinary;dur=53;start=2023-06-08T11:32:59.337Z, ak_p; desc="1686230886830_388099671_197266250_1997_2228_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
5288
spywarefighter-logo.png
images.sftcdn.net/images/t_app-icon-s/p/69f61656-9b2d-11e6-b643-00163ec9f5fa/1979390088/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/69f61656-9b2d-11e6-b643-00163ec9f5fa/1979390088/spywarefighter-logo.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
5f9122900c5989276beb1620e507610c376d878ae9ffdbac1880f361c4915dd7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 10:00:33 GMT
server
Cloudinary
etag
"7efa5222194225207f7870a17eb045fa"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1979390088.webp"
server-timing
cld-akam;dur=68;cpu=26;start=2023-06-08T13:28:06.828Z;desc=miss,rtt;dur=24,cloudinary;dur=38;start=2023-06-08T13:28:06.848Z, ak_p; desc="1686230886830_388099671_197266251_6378_2332_23_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
1120
clean-space-icon.png
images.sftcdn.net/images/t_app-icon-s/p/a6381e0e-9b35-11e6-90e9-00163ec9f5fa/140081103/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/a6381e0e-9b35-11e6-90e9-00163ec9f5fa/140081103/clean-space-icon.png
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
66ad2df66f206b2f83d01cbacc150f9bc31fa9c31125132e7dd4eb095236e9b9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:53:48 GMT
server
Cloudinary
etag
"c535046bd202a885618f81cefc094491"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="140081103.webp"
server-timing
cld-akam;dur=46;start=2023-06-08T13:28:06.828Z;desc=hit-near,rtt;dur=24, ak_p; desc="1686230886830_388099671_197266252_4283_2174_24_0_146";dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
3052
px.gif
ad-delivery.net/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1733308
x-guploader-uploadid
ADPycduIobsihfDpavy2TVhGGvICZHi2PC7BxMVfVSnw0NpPxVDQUJ5qgfStG0SsKCOk76H3wB3d7udofk4PprqHewehKQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fj%2FEUmODK52yGMSuLg5gOQ%2BuWabXsO10IqRAeyl4etw2pA%2BCnCQ0QrcAEUnT85Kvr5jYbamsCBcSklykxBLvI6SKQgYNCT9JUbUJ3k7USYA0u36H2d8NziZ1m0HYBWW%2FwuoNW7AFkkQrk13R8g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7d4179e3a90c0f84-EWR
expires
Fri, 19 May 2023 12:24:29 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.166 East White Plains, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 21:10:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58656
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Jun 2023 21:10:30 GMT
px.gif
ad-delivery.net/ 		43 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.23504121904869546
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1733308
x-guploader-uploadid
ADPycduIobsihfDpavy2TVhGGvICZHi2PC7BxMVfVSnw0NpPxVDQUJ5qgfStG0SsKCOk76H3wB3d7udofk4PprqHewehKQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BK4oRbM%2FEpRN0QPvaEV9Ky3CwI3Pc9J4SDOFolVxPPEnXxGN%2B%2BRlxqghi8OOePK2JPVQTIu5SCZtscyPbt09qmNnmOD2whBepNRm5FWV8FuEXV3yTaDmeIJF2Z%2BVKQ98KeGQvPUvrls9CFUCw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7d4179e3a90d0f84-EWR
expires
Fri, 19 May 2023 12:24:29 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/?random=1686230886807&cv=11&fst=1686230886807&bg=ffffff&guid=ON&async=1&gtm=45be3650&u_w=1600&u_h=1200&url=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&hn=www.googleadservices.com&frm=0&tiba=IObit%20Malware%20Fighter%20%E7%89%88%20-%20%E4%B8%8B%E8%BD%BD&us_privacy=error&auid=870751483.1686230886&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-631321069&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bb8f50ee00a4e1a61a5eb1f7b9dd923a016d5e8d4f2ee950f878dc6c84f98e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/ 		3 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://iobit-malware-fighter.softonic.cn
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
collect
analytics.google.com/g/ 		0
266 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R5K71YRXMV&gtm=45je3650&_p=206392822&_gaz=1&cid=1002708125.1686230887&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686230886&sct=1&seg=0&dl=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&dt=IObit%20Malware%20Fighter%20%E7%89%88%20-%20%E4%B8%8B%E8%BD%BD&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=program_page&ep.site_language=zh&ep.google_click_id=&ep.test_variant=&ep.program_id=0a67c93e-96d5-11e6-9c20-00163ed833e7&ep.program_platform=windows&ep.program_category=security-privacy&ep.program_subcategory=anti-spam-anti-spy&ep.program_origin=sdc&ep.program_sources=&ep.program_review_source=legacy&ep.program_download_type=internalDownload&ep.program_review_modification_date=2023-05-23&ep.program_opinions=no&ep.program_review_publication_date=2020-02-04&ep.program_has_button_buy=no&ep.program_has_button_download=yes&ep.program_has_gallery=yes&ep.program_has_offer=no&epn.program_user_score=8.115071770334925&ep.google_compliant=yes&ep.program_name=IObit%20Malware%20Fighter
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://iobit-malware-fighter.softonic.cn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R5K71YRXMV&cid=1002708125.1686230887&gtm=45je3650&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://iobit-malware-fighter.softonic.cn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chunk0-523e0a.mjs
sc.sftcdn.net/scripts/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk0-523e0a.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-3b9a8.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
d5da18df3c355cfdc34f19c428d0e9f4c814ca2f3ffa5338945ae45a2787d00e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Wed, 22 May 2024 13:51:08 GMT
date
Thu, 08 Jun 2023 13:28:06 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
1381018
x-cache
HIT, HIT
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7821
x-served-by
cache-ams21021-AMS, cache-yyz4551-YYZ
last-modified
Tue, 23 May 2023 13:10:55 GMT
server
istio-envoy
x-timer
S1686230887.909456,VS0,VE0
etag
W/"646cbb5f-6589"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
738, 11
chunk1-91a0d1.mjs
sc.sftcdn.net/scripts/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk1-91a0d1.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-3b9a8.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
54b5954adefb4420d3bd25b0c5389f22b03cf6664fedfb21f16bb513234670af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Fri, 31 May 2024 15:04:38 GMT
date
Thu, 08 Jun 2023 13:28:06 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
599009
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4602
x-served-by
cache-ams12724-AMS, cache-yyz4551-YYZ
last-modified
Thu, 01 Jun 2023 14:57:49 GMT
server
istio-envoy
x-timer
S1686230887.909444,VS0,VE0
etag
W/"6478b1ed-406c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
38, 12
chunk7-77f3da.mjs
sc.sftcdn.net/scripts/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk7-77f3da.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-3b9a8.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
7829a2e0baa0fa87afc408cb1d889967e9eef87199076fbf33ccf7e3563e597a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Fri, 31 May 2024 15:04:41 GMT
date
Thu, 08 Jun 2023 13:28:06 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
599004
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2924
x-served-by
cache-ams12747-AMS, cache-yyz4551-YYZ
last-modified
Thu, 01 Jun 2023 14:57:49 GMT
server
istio-envoy
x-timer
S1686230887.909715,VS0,VE0
etag
W/"6478b1ed-27dd"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
20, 7
hjdebh67699dwnjldw00.js
dnlgm0m0r44nl.cloudfront.net/abp/ 		20 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dnlgm0m0r44nl.cloudfront.net/abp/hjdebh67699dwnjldw00.js
Requested by
Host: js.srvtrck.com
URL: https://js.srvtrck.com/v1/js?api_key=937717f2ba3900dbf10df23aba52974b&site_id=b772ff73d6da4b6aaec7377ff6ead554
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.38.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-38-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7516842ff556ff708e84893bf1006bf21e38f04a3374d64b64fb4db461b8c49c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 16:16:05 GMT
Via
1.1 d4b67fda8355378cec4afc079701f8e6.cloudfront.net (CloudFront)
Last-Modified
Mon, 24 Nov 2014 16:56:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P2
Age
76347
ETag
"1db728e2d3216682f555d0c1e5b1127c"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20
X-Amz-Cf-Id
PbaZuzrpQh3U-Wvgyar4RpWDxVRSbM441YHFM0pINhNcG4YZtdmSeA==
ads
www.google.com/afs/ Frame 29FD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&sct=ID%3Ddcd92ea7b614117f%3AT%3D1686230886%3ART%3D1686230886%3AS%3DALNI_MZzruOGHoInqQ0-2GiTWwiad9c9tQ&sc_status=3&hl=zh&cpp=3&rpbu=https%3A%2F%2Fwww.softonic.cn%2Fs%2F%3Frscp%3Ddsk_rscp_zh_pp%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4&nocache=7171686230886936&num=0&output=afd_ads&domain_name=iobit-malware-fighter.softonic.cn&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686230886938&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=4746&frm=0&cl=537871741&uio=wi290-&cont=rscontainer&jsid=csa&jsv=537871741&rurl=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&adbw=master-1%3A290
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
6359701a54d27476663aae30b19a0a2c77d83635f997f6a795cdd57e3e1f4a8c
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-E9DC5tAuqo1KMZK6GSzSHg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2167
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-E9DC5tAuqo1KMZK6GSzSHg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Thu, 08 Jun 2023 13:28:07 GMT
expires
Thu, 08 Jun 2023 13:28:07 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ffd682978600218b840e3c6f9aeee91c676f7867e43723056e5873043332cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 14:15:50 GMT
server
cloudflare
x-amz-request-id
5NSNPTCQEMB5JGZ0
age
2948
etag
W/"bd84c027369eea0cf742a8ca6f03b75c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7d4179e5ad674374-EWR
x-amz-id-2
WbpK4F+saQiJvTNIXjvdPgGQZtf5PCUAS1gTXSJT5rE9+fL7sYX5jvtDRWqNT7+YaCoThyY3NFI=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.15.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-15-60.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 08 Jun 2023 13:28:07 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.15.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-15-60.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://iobit-malware-fighter.softonic.cn
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 08 Jun 2023 13:28:07 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
corporate-logo-nb.svg
storage.googleapis.com/storage-proxy-assets/revamp-di-sft/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/storage-proxy-assets/revamp-di-sft/corporate-logo-nb.svg
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2010 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d8dac4dfb15299ed2b7c3b13a3ee6ad080342ee87638f44190dea188ea674120

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 12:57:10 GMT
age
1857
x-guploader-uploadid
ADPycdv2mrKzivenvCzgaa70nmSz-6rC8eLEzUgWeqtF4Rw9lrALWm_-JWrHyrYwC-66m71VIpKrWRl7i_084Y7apv_NiQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6593
last-modified
Wed, 01 Mar 2023 13:19:57 GMT
server
UploadServer
etag
"8a5ec86f9e44863fd94329cebaecb4d1"
x-goog-generation
1677676797280447
x-goog-hash
crc32c=wuPwOw==, md5=il7Ib55Ehj/ZQynOuuy00Q==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
6593
accept-ranges
bytes
expires
Thu, 08 Jun 2023 13:57:10 GMT
logo
images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/winzip-compression/winzip-logo/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/winzip-compression/winzip-logo/logo
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
cae22a250c5cb90cd727b54a9679d527e4c159fb195931806e6462a1aac080d7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="winzip-logo.webp"
server-timing
cld-akam;dur=21;start=2023-06-08T13:28:07.072Z;desc=hit-near,rtt;dur=23, ak_p; desc="1686230887075_388099671_197266927_1393_3293_23_0_146";dur=1
content-length
10868
last-modified
Tue, 18 Feb 2020 15:41:07 GMT
server
Cloudinary
etag
"ced771e1f1ab1ec6928f73b932b7d986"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
feature
images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/winzip-compression/featureA_260220_V2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/winzip-compression/featureA_260220_V2/feature
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
f95af4cd8402379b8ac853cd076efe929d6412fde2ccfede9e89c1b0bbbce7c3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="featureA_260220_V2.webp"
server-timing
cld-akam;dur=35;start=2023-06-08T13:28:07.070Z;desc=hit-near,rtt;dur=23, ak_p; desc="1686230887073_388099671_197266928_2854_3177_23_0_146";dur=1
content-length
7900
last-modified
Wed, 26 Feb 2020 14:23:42 GMT
server
Cloudinary
etag
"4f6f30c4592746f2930e1b37a70cef82"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
feature
images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/winzip-compression/featureB_260220_V3/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/winzip-compression/featureB_260220_V3/feature
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
6013dd227ad30224ebd630d4ecc6f72da07367f4d683daf3c850f6e8fe6d52cd
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="featureB_260220_V3.webp"
server-timing
cld-akam;dur=14;start=2023-06-08T13:28:07.063Z;desc=hit-near,rtt;dur=23, ak_p; desc="1686230887066_388099671_197266929_695_3626_23_0_146";dur=1
content-length
1316
last-modified
Wed, 26 Feb 2020 14:52:59 GMT
server
Cloudinary
etag
"d9f578481fabe789a06de9a431ef7007"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
feature
images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/winzip-compression/featureC_260220_V2/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/winzip-compression/featureC_260220_V2/feature
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5a0::29cc New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
165cf2dabdfef9e471faac04cd1d527bd2e5f83dc1126e2bf04a75f645c2581a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="featureC_260220_V2.webp"
server-timing
cld-akam;dur=27;start=2023-06-08T13:28:07.063Z;desc=hit-near,rtt;dur=23, ak_p; desc="1686230887066_388099671_197266930_1937_3351_23_0_146";dur=1
content-length
6240
last-modified
Wed, 26 Feb 2020 14:23:42 GMT
server
Cloudinary
etag
"de9372b3e0fcaab67d8995c879fc65ec"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
collect
stats.g.doubleclick.net/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-20034791-1&cid=1002708125.1686230887&jid=1571503184&gjid=870399840&_gid=1354426749.1686230887&_u=YCDAgEABAAQCAEAAI~&z=1497865069
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 08 Jun 2023 13:28:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://iobit-malware-fighter.softonic.cn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=206392822&t=pageview&_s=1&dl=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&ul=en-us&de=UTF-8&dt=IObit%20Malware%20Fighter%20%E7%89%88%20-%20%E4%B8%8B%E8%BD%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAQCAAAAI~&jid=1571503184&gjid=870399840&cid=1002708125.1686230887&tid=UA-20034791-1&_gid=1354426749.1686230887&gtm=45He3650n715LWWHP&cd1=%2Fprogram_page&cd2=1&cd3=windows&cd4=security-privacy&cd5=anti-spam-anti-spy&cd6=no&cd7=no&cd10=yes&cd11=yes&cd12=US&cd14=free&cd15=2020-02-04&cd16=G8BzdghzTXGLv4LQjBmbkbQ3&cd17=0&cd18=no&cd19=8.115071770334925&cd21=0a67c93e-96d5-11e6-9c20-00163ed833e7&cd52=%2Fprogram_page&cd72=&cd79=IObit%20Malware%20Fighter&cd82=internalDownload&cd85=2023-05-23&cd94=e8321af6-06b3-4354-96e9-8b5692d93e12&cd97=&cd110=&cd111=sdc&cd112=legacy&z=2111843510
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 05:15:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
29554
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		139 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-631321069
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/19e71ca0706168ae5cffa2a1271ead0db6b070c9/modern/sdk.19e71ca0706168ae5cffa2a1271ead0db6b070c9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28d7bc555e15069e8c0594fed70274f137e15bee2da5ed481ea286b2759a03f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54429
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Jun 2023 13:28:07 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
f3646aac2d039a25ab023198c7277ad68e412c8628c2a031773bbb8a7937696d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iobit-malware-fighter.softonic.cn
date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
ads.js
www.google.com/adsense/search/ Frame 29FD 		140 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/ads.js?pac=0
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&sct=ID%3Ddcd92ea7b614117f%3AT%3D1686230886%3ART%3D1686230886%3AS%3DALNI_MZzruOGHoInqQ0-2GiTWwiad9c9tQ&sc_status=3&hl=zh&cpp=3&rpbu=https%3A%2F%2Fwww.softonic.cn%2Fs%2F%3Frscp%3Ddsk_rscp_zh_pp%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4&nocache=7171686230886936&num=0&output=afd_ads&domain_name=iobit-malware-fighter.softonic.cn&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686230886938&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=4746&frm=0&cl=537871741&uio=wi290-&cont=rscontainer&jsid=csa&jsv=537871741&rurl=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&adbw=master-1%3A290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03b4b4fd940186d83bff52df5eeeea4cdd8ac0cb2be5c3f91b5f92e24b7d37ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"11884675161398334309"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Thu, 08 Jun 2023 13:28:07 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 14:15:50 GMT
server
cloudflare
x-amz-request-id
920Q0QF260P8RMXZ
age
2948
etag
W/"8c1740edd46834c66e82586d99a9e74c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7d4179e5cd954374-EWR
x-amz-id-2
9a12xlHSjnxUlLm3FLZpa8BLQYs87Wr3c8H18mXMKYVTz+8jVaweUO71wJpudFyBjnlVtfOFivM=
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=iobit-malware-fighter.softonic.cn
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		813 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4051777403564866&correlator=1289265687687806&eid=31075062%2C31075063%2C31075121%2C31075028&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&trt=2&iu_parts=5302%2Cdesktop%2Cdesktop-Web-zh%2CApps%2CProgrampage%2CATF_OOP_Wallpaper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&adks=623169959&didk=821598582&sfv=1-0-40&ists=1&prev_scp=pos%3Dtop%26countryCluster%3DA1%26td-slot%3Dtop-wallpaper%26type%3Doop_display_wallpaper%26hvi%3Dfalse&eri=1&cust_params=ab_upr%3D4%26segments%3D%26medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26region%3DA%26locale%3Dzh-CN%26devel%3D0%26ab_medium%3Dundefined%26file%3D0a67c93e-96d5-11e6-9c20-00163ed833e7%26platformId%3Dwindows%26recat%3Dsecurity-privacy%252Canti-spam-anti-spy%26country%3DUS%26compliant%3D1%26content%3Drich%26hosted%3Dtrue%26author%3DIObit%2520Information%2520Technology%26personalized%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1686230887331&lmt=1686230887&dlt=1686230885704&idt=1013&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=1002708125.1686230887&ga_sid=1686230887&ga_hid=206392822&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRiN18XZiTFIAFICCGQ.
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9930bdb885545dcee3540a2a8a40d20c0418dbbca239dcd4fc32b13747bb66d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
437
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://iobit-malware-fighter.softonic.cn
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D96 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jun 2023 13:28:07 GMT
expires
Fri, 07 Jun 2024 13:28:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/631321069/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/631321069/?random=1686230886807&cv=11&fst=1686229200000&bg=ffffff&guid=ON&async=1&gtm=45be3650&u_w=1600&u_h=1200&url=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&frm=0&tiba=IObit%20Malware%20Fighter%20%E7%89%88%20-%20%E4%B8%8B%E8%BD%BD&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2567215636&rmt_tld=0&ipr=y
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame F054
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
307 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
991af7dd3de951ca288e28e445bb9bea1787505ee067ff4d871964c216fc430d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
307
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 08 Jun 2023 13:28:07 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
276VXW3FWE16NJVK4FWC

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 08 Jun 2023 13:28:07 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
HVTCKZSA5Z8TZXPR70CQ
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-20034791-1&cid=1002708125.1686230887&jid=1571503184&_u=YCDAgEABAAQCAEAAI~&z=1780958720
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
call_to_action_arrow_v2.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 29FD 		209 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow_v2.svg
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&sct=ID%3Ddcd92ea7b614117f%3AT%3D1686230886%3ART%3D1686230886%3AS%3DALNI_MZzruOGHoInqQ0-2GiTWwiad9c9tQ&sc_status=3&hl=zh&cpp=3&rpbu=https%3A%2F%2Fwww.softonic.cn%2Fs%2F%3Frscp%3Ddsk_rscp_zh_pp%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4&nocache=7171686230886936&num=0&output=afd_ads&domain_name=iobit-malware-fighter.softonic.cn&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686230886938&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=4746&frm=0&cl=537871741&uio=wi290-&cont=rscontainer&jsid=csa&jsv=537871741&rurl=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&adbw=master-1%3A290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d635d09bda9708c5a14649270950e0943edab5443eb2b2ff0ba1c7ff16bde09f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 08 Jun 2023 09:33:31 GMT
age
14076
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 17:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Fri, 09 Jun 2023 08:33:31 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 29FD 		200 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&sct=ID%3Ddcd92ea7b614117f%3AT%3D1686230886%3ART%3D1686230886%3AS%3DALNI_MZzruOGHoInqQ0-2GiTWwiad9c9tQ&sc_status=3&hl=zh&cpp=3&rpbu=https%3A%2F%2Fwww.softonic.cn%2Fs%2F%3Frscp%3Ddsk_rscp_zh_pp%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404&format=r4&nocache=7171686230886936&num=0&output=afd_ads&domain_name=iobit-malware-fighter.softonic.cn&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1686230886938&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=4746&frm=0&cl=537871741&uio=wi290-&cont=rscontainer&jsid=csa&jsv=537871741&rurl=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&adbw=master-1%3A290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 07 Jun 2023 23:38:19 GMT
age
49788
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 21:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Thu, 08 Jun 2023 22:38:19 GMT
chunk20-8612b5.mjs
sc.sftcdn.net/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk20-8612b5.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-3b9a8.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
6e35dd0d764d3e086e68847cab1b4ff9f0b2d6ecf2742e559cef241b2e359839

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Fri, 31 May 2024 15:04:38 GMT
date
Thu, 08 Jun 2023 13:28:07 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
599009
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1123
x-served-by
cache-ams21047-AMS, cache-yyz4551-YYZ
last-modified
Thu, 01 Jun 2023 14:57:49 GMT
server
istio-envoy
x-timer
S1686230888.566748,VS0,VE0
etag
W/"6478b1ed-8b9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
70, 12
increment
id5-sync.com/api/esp/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://iobit-malware-fighter.softonic.cn
date
Thu, 08 Jun 2023 13:28:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
691.json
id5-sync.com/g/v2/ 		634 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/691.json
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
7e94c05e6eae30466ae4ad1203e141bfd4f69d393dba4776b1fec5b5b8e4f785
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://iobit-malware-fighter.softonic.cn
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=iobit-malware-fighter.softonic.cn
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		84 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4051777403564866&correlator=3408328747302652&eid=31075062%2C31075063%2C31075121%2C31075028&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&gdpr=0&trt=2&iu_parts=5302%2Cdesktop%2Cdesktop-Web-zh%2CApps%2CProgrampage%2CATF_MPU_First%2CATF_Notificationbar%2CATF_Leaderboard_First&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7&prev_iu_szs=300x600%7C300x250%7C300x180%7C300x150%7C250x250%7C200x200%7C180x150%7C160x600%7C120x600%2C320x50%2C1x1%7C970x250%7C970x90%7C960x90%7C950x90%7C728x90%7C500x90%7C468x90%7C468x60&fluid=0%2Cheight%2C0&ifi=2&adks=1335813602%2C3501912354%2C1776590748&didk=3758857423~2641185686~1866715383&sfv=1-0-40&prev_scp=pos%3Dtop%26countryCluster%3DA1%26td-slot%3Dtop-mpu-1%26type%3Dtop_display_mpu%26hvi%3Dfalse%26afcSlotId%3Dundefined%26amznbid%3D1%26amznp%3D1%7Cpos%3Dtop%26countryCluster%3DA1%26td-slot%3Dnative-notificationbar%26type%3Dnative_notificationbar%26hvi%3Dfalse%26devicePlatformId%3Dwindows%7Cpos%3Dtop%26countryCluster%3DA1%26td-slot%3Dtop-leaderboard-1%26type%3Dtop_display_leaderboard%26hvi%3Dfalse%26amznbid%3D1%26amznp%3D1&eri=1&cust_params=ab_upr%3D4%26segments%3D%26medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26region%3DA%26locale%3Dzh-CN%26devel%3D0%26ab_medium%3Dundefined%26file%3D0a67c93e-96d5-11e6-9c20-00163ed833e7%26platformId%3Dwindows%26recat%3Dsecurity-privacy%252Canti-spam-anti-spy%26country%3DUS%26compliant%3D1%26content%3Drich%26hosted%3Dtrue%26author%3DIObit%2520Information%2520Technology%26personalized%3D1&sc=1&cookie=ID%3D925caef4ef033f00%3AT%3D1686230887%3ART%3D1686230887%3AS%3DALNI_MY84u9NAceSFHzHodzNBSw9f_DkTA&gpic=UID%3D00000c458cefdbe8%3AT%3D1686230887%3ART%3D1686230887%3AS%3DALNI_MY6-8jAH_ETNwN6vCk4WQE3c3EFhw&abxe=1&dt=1686230887763&lmt=1686230887&dlt=1686230885704&idt=1013&adxs=1116%2C%2C315&adys=424%2C%2C258&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&frm=20&vis=1&psz=300x0%7C1600x0%7C970x0&msz=300x0%7C1600x0%7C970x0&fws=512%2C4%2C4&ohw=0%2C1600%2C970&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1002708125.1686230887&ga_sid=1686230887&ga_hid=206392822&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRio2sXZiTFIAFICCGo.
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0541ad9513d9b600d94e2747ab185a67c4d84155c0a734c7f7ead4dec03e40ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17086
x-xss-protection
0
google-lineitem-id
6035401175,5697330196,6286216256
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138393998385,138408395563,138430607313
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://iobit-malware-fighter.softonic.cn
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame E904 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d6607cbcb769756c631e468ac387ca55bac80e12e631355b5ffc6daf4a32c4a4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2137
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 08 Jun 2023 13:28:07 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
AB7HHXZDMA20RY4W9RS2
ecm3
s.amazon-adsystem.com/ Frame E904
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1686230888183
  • https://ad.turn.com/r/cs?pid=45&rndcb=2278487850
  • https://sync.1rx.io/usersync/turn/8586564380717791997?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7ae8b7e3-8b29-4305-b08f-8db611fd254e-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-7ae8b7e3-8b29-4305-b08f-8db6...
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-7ae8b7e3-8b29-4305-b08f-8db611fd254e-005
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-7ae8b7e3-8b29-4305-b08f-8db611fd254e-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KW64GT59XQVYC0HA783Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Thu, 08 Jun 2023 13:28:08 GMT
Server
Tengine
ETag
RX7ae8b7e38b294305b08f8db611fd254e005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-7ae8b7e3-8b29-4305-b08f-8db611fd254e-005
Content-Type
text/html
Connection
keep-alive
amzns2s
rtb.gumgum.com/usync/ Frame 5B7B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.5.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-5-17.compute-1.amazonaws.com
Software
nginx /
Resource Hash
add7676d3c6829fc53e4bfd72728295b3c6b1ac2680eaf2a55bbbc2b90a18dd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 08 Jun 2023 13:28:08 GMT
etag
W/"03cb5527486b0f372218c2abcec17e3c2"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 5473
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
c94516b85607ed0b1e5b5a965577d848e78850a0ba8a64f2bd56ab94b39734f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1716
Content-Type
text/html
Date
Thu, 08 Jun 2023 13:28:08 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Thu, 08 Jun 2023 13:28:08 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 987E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.50.204.192 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-204-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=136598
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 08 Jun 2023 13:28:08 GMT
expires
Sat, 10 Jun 2023 03:24:46 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame FDDE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Jun 2023 13:28:08 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 1B7D
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
693 B
734 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
95fe181a05e5300ebd06f7ff4a43313146da6c6cc03eede234e031c2a3523e25

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
401
content-type
text/html
date
Thu, 08 Jun 2023 13:28:08 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 08 Jun 2023 13:28:08 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 5D4E
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7241001127042410615&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7241001127042410615&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 08 Jun 2023 13:28:08 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
769BG3NPC305MP403VTK

Redirect headers

content-length
0
date
Thu, 08 Jun 2023 13:28:08 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7241001127042410615&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 1754
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1727900444351892618011
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1727900444351892618011
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 08 Jun 2023 13:28:08 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SY6WJHF7DK4S35BBPK1Z

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 08 Jun 2023 13:28:08 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1727900444351892618011
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.js
eus.rubiconproject.com/ Frame FDDE 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
694be427f6c5df1f75601931ea4ce925e85965bb3b856390bd4e6e307365a9b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Thu, 08 Jun 2023 13:28:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jun 2023 09:31:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72142
Connection
keep-alive
Content-Length
10113
Expires
Fri, 09 Jun 2023 09:30:30 GMT
usersync
usersync.gumgum.com/ Frame 5B7B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4051888546865684590
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4051888546865684590
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Thu, 08 Jun 2023 13:28:08 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.40; 96.9.249.40; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ae16cd5d-5c8f-4913-bcd7-d4e25e95c272
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=4051888546865684590
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 5B7B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932&gdpr=&gdpr_consent=&us_privacy=
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=456b4b69-dd0a-4acc-85aa-daffd9807d36
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=456b4b69-dd0a-4acc-85aa-daffd9807d36&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=456b4b69-dd0a-4acc-85aa-daffd9807d36&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d044f0b0-8e39-4fcd-8aae-f0e51c9541d9%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0a441050-130f-4faa-9817-71fafc854956&ttd_puid=d044f0b0-8e39-4fcd-8aae-f0e51c9541d9%2Chttps%253A%252F%252Fx.bidswitch.net%...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=gumgum2&bsw_param=456b4b69-dd0a-4acc-85aa-daffd9807d36
  • https://usersync.gumgum.com/usersync?b=bsw&i=456b4b69-dd0a-4acc-85aa-daffd9807d36&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=456b4b69-dd0a-4acc-85aa-daffd9807d36&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:09 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=456b4b69-dd0a-4acc-85aa-daffd9807d36&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 08 Jun 2023 13:28:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 5B7B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0a85bc50-c7c1-5123-545e-ff63a719c296$ip$96.9.249.40
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-0a85bc50-c7c1-5123-545e-ff63a719c296$ip$96.9.249.40
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-0a85bc50-c7c1-5123-545e-ff63a719c296$ip$96.9.249.40
Date
Thu, 08 Jun 2023 13:28:08 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 5B7B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=336Qg1ufnM33vzqHdcZB&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHUZTGNSRM4YXKZTOJUZTG5T2OFEGIY22II
  • https://usersync.gumgum.com/usersync?b=zem&i=336Qg1ufnM33vzqHdcZB
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=336Qg1ufnM33vzqHdcZB
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=336Qg1ufnM33vzqHdcZB
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 5B7B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=bLM7FHTiJAdX&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=bLM7FHTiJAdX&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=bLM7FHTiJAdX&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-9jwvc
expires
-1
cookie-sync
sync.outbrain.com/ Frame 5B7B
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28gdmZ5zQcsNNv4rs2fzGi_bkpWOu4q71tWmFVxwq8iBnUdWj2iQ0LaW69kbWo0yGE%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932&obuid=ENC(gdmZ5zQcsNNv4rs2fzGi_bkpWOu4q71tWmFVxwq8iBnUdWj2iQ0LaW69kbWo0yGE)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://cm.rtbsystem.com/usermatch/ob?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drtbsystem%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING%26us_privacy%3D$CCPA%26uid%3D%7Bu...
  • https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=23b3d329-bf12-58ca-b3da-068d6210bc0f&initiator=platform&obUid=gdmZ5zQcsNNv4rs2f...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=23b3d329-bf12-58ca-b3da-068d6210bc0f&initiator=platform&obUid=gdmZ5zQcsNNv4rs2fzGi_bkpWOu4q71tWmFVxwq8iBnUdWj2iQ0LaW69kbWo0yGE
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Thu, 08 Jun 2023 13:28:09 GMT
Cache-Control
no-cache
X-TraceId
0a2936697044ff0a0705cfa9ba186145
Content-Length
0

Redirect headers

date
Thu, 08 Jun 2023 13:28:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEGtVkkOEozpyuvZ95Y930Kr%2BuSJU24QAcagXkt1ZGb%2FhVIdvY1pjfHJHTzlu8rbbOpiAczMuZU%2F4ePMc7nssOOK6ae2z%2FcqvrcQBMu4XMTVcOvi7wgTjbhFTusMFfdGml3Slde%2BgDKzr02907%2BV"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://sync.outbrain.com/cookie-sync?p=rtbsystem&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=23b3d329-bf12-58ca-b3da-068d6210bc0f&initiator=platform&obUid=gdmZ5zQcsNNv4rs2fzGi_bkpWOu4q71tWmFVxwq8iBnUdWj2iQ0LaW69kbWo0yGE
cf-ray
7d4179f0b8ed1879-EWR
alt-svc
h3=":443"; ma=86400
usersync
usersync.gumgum.com/ Frame 5B7B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=89b2cdb1-2f54-010e-3aba-a3dc9bf2209c
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=89b2cdb1-2f54-010e-3aba-a3dc9bf2209c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 08 Jun 2023 13:28:08 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=89b2cdb1-2f54-010e-3aba-a3dc9bf2209c
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 5B7B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-pFWdi3NE2peVclTheWu3tjHm220c0bOoPd9r~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-pFWdi3NE2peVclTheWu3tjHm220c0bOoPd9r~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 08 Jun 2023 13:28:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-pFWdi3NE2peVclTheWu3tjHm220c0bOoPd9r~A
content-length
0
usersync
usersync.gumgum.com/ Frame 5B7B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=91109730-4e3f-4868-86dd-10c1a5f7e229
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=91109730-4e3f-4868-86dd-10c1a5f7e229
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=91109730-4e3f-4868-86dd-10c1a5f7e229
Date
Thu, 08 Jun 2023 13:28:08 GMT
Connection
keep-alive
X-CI-RTID
b49eff48-b453-4804-84e8-c0e0ed826498
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 5B7B
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=A42684DA40694E48B36D7397BF65523E
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=A42684DA40694E48B36D7397BF65523E
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 08 Jun 2023 13:28:08 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
740304610
location
https://usersync.gumgum.com/usersync?b=snc&i=A42684DA40694E48B36D7397BF65523E
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 5B7B
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_d941c3fecddf495391179
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_d941c3fecddf495391179
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_d941c3fecddf495391179
date
Thu, 08 Jun 2023 13:28:08 GMT
content-type
image/gif
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 5B7B
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=9d112edc-7c27-4fc9-bf5d-358db08c77a6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=9d112edc-7c27-4fc9-bf5d-358db08c77a6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=9d112edc-7c27-4fc9-bf5d-358db08c77a6
access-control-allow-origin
*
date
Thu, 08 Jun 2023 13:28:08 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 5B7B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=7241001127042410615
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=7241001127042410615
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:09 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=7241001127042410615
date
Thu, 08 Jun 2023 13:28:08 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 5B7B 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WENMCE6XA1TRYBVE12TD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 5473
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIHXaLR1NnDOghLlfgqgVQAABYcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDOcVR8jzk4BHndejVd0z2Q&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDOcVR8jzk4BHndejVd0z2Q&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDOcVR8jzk4BHndejVd0z2Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5473 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIHXaLR1NnDOghLlfgqgVQAABYcAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J7ZNAC6PMJWQQJWZ0WRZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5473
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIHXaLR1NnDOghLlfgqgVQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPvttd0j15i0SahXcfbIr24&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPvttd0j15i0SahXcfbIr24&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPvttd0j15i0SahXcfbIr24&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5473
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a441050-130f-4faa-9817-71fafc854956&expiration=1688822888&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a441050-130f-4faa-9817-71fafc854956&expiration=1688822888&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0a441050-130f-4faa-9817-71fafc854956&expiration=1688822888&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
113
match.deepintent.com/usersync/ Frame 5473 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 08 Jun 2023 13:28:08 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
crum
dsum-sec.casalemedia.com/ Frame 5473
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702042088&external_user_id=9e72237e-0c6a-4e8b-a151-4ef2d23b9dd5
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702042088&external_user_id=9e72237e-0c6a-4e8b-a151-4ef2d23b9dd5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Thu, 08 Jun 2023 13:28:08 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702042088&external_user_id=9e72237e-0c6a-4e8b-a151-4ef2d23b9dd5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 5473
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZIHXaLR1NnDOghLlfgqgVQAA%261415&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a58d7523-cba2-48df-8309-7c9920e33ba0-tuctb7b5ce8
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a58d7523-cba2-48df-8309-7c9920e33ba0-tuctb7b5ce8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a58d7523-cba2-48df-8309-7c9920e33ba0-tuctb7b5ce8
date
Thu, 08 Jun 2023 13:28:08 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
30910
rum
dsum-sec.casalemedia.com/ Frame 5473
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8514506786679864061
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8514506786679864061
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8514506786679864061
pragma
no-cache
date
Thu, 08 Jun 2023 13:28:08 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 5473 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZIHXaLR1NnDOghLlfgqgVQAABYcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MEDR29BK1555J7Z00KNV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
user-sync
sync.adkernel.com/ Frame 1280 		22 B
192 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
22
Date
Thu, 08 Jun 2023 13:28:08 GMT
Pragma
no-cache
Server
nginx
e9d4ff858b5e32317e843f5ed11b2659.gif
cs.iqzone.com/ Frame 39B3 		9 B
175 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Thu, 08 Jun 2023 13:28:12 GMT
Server
nginx
Transfer-Encoding
chunked
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C144 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.50.204.192 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-204-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=136598
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 08 Jun 2023 13:28:08 GMT
expires
Sat, 10 Jun 2023 03:24:46 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 1D43
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=0a441050-130f-4faa-9817-71fafc854956
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=0a441050-130f-4faa-9817-71fafc854956
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 08 Jun 2023 13:28:08 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Thu, 08 Jun 2023 13:28:08 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=0a441050-130f-4faa-9817-71fafc854956
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 2610
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=85ed6481-d768-4600-869f-20886a69d550&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=85ed6481-d768-4600-869f-20886a69d550&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 08 Jun 2023 13:28:08 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 08 Jun 2023 13:28:08 GMT
Expires
Thu, 08 Jun 2023 13:28:07 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 933 7933424 master iad-pixel-x29 config_version:"2673"
location
https://usersync.gumgum.com/usersync?b=mmh&i=85ed6481-d768-4600-869f-20886a69d550&gdpr=&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 41E1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZIHXaAAQLCdviwBL
  • https://usersync.gumgum.com/usersync?b=atm&i=ZIHXaAAQLCdviwBL&gdpr=&gdpr_consent=&_test=ZIHXaAAQLCdviwBL
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZIHXaAAQLCdviwBL&gdpr=&gdpr_consent=&_test=ZIHXaAAQLCdviwBL
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 08 Jun 2023 13:28:08 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 08 Jun 2023 13:28:08 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZIHXaAAQLCdviwBL&gdpr=&gdpr_consent=&_test=ZIHXaAAQLCdviwBL
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yyz4544-YYZ
x-timer
S1686230888.380427,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame B485 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV81YTAwYmQzZi1mYTFhLTRkYzItYjA2ZC1hMWM5OTc3ZWM5MzI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jun 2023 13:28:08 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 59E9
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZIHXaMCo5tEAANykFCYAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZIHXaMCo5tEAANykFCYAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 08 Jun 2023 13:28:08 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 08 Jun 2023 13:28:08 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZIHXaMCo5tEAANykFCYAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40096.dc2p.scaleout.jp
X-SO-IP
96.9.249.40
X-SO-Key
ZIHXaMCo5tEAANykFCYAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.40","key":"ZIHXaMCo5tEAANykFCYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40096"}
X-SO-LB-Hostname
a-tgng40013.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40096
ecm3
s.amazon-adsystem.com/ Frame 1B7D 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=265915bc-1beb-82a2-9dcf-31a63b91ea3a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EV08ZECP0JJXSM4RRKF1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ea480f85-97ed-ab11-6c16-a5c4acf5ec93
pr-bh.ybp.yahoo.com/sync/openx/ Frame 1B7D 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/ea480f85-97ed-ab11-6c16-a5c4acf5ec93?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:71d0:2e3a:4d87:7371 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 1B7D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=265915bc-1beb-82a2-9dcf-31a63b91ea3a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SSGQK7NNJ99TJR57NH7Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1B7D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=7e8f69c1-0741-3958-5dc1-b33153a221da&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=7e8f69c1-0741-3958-5dc1-b33153a221da&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0a441050-130f-4faa-9817-71fafc854956&ttd_puid=7e8f69c1-0741-3958-5dc1-b33153a221da&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0a441050-130f-4faa-9817-71fafc854956&ttd_puid=7e8f69c1-0741-3958-5dc1-b33153a221da&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:08 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0a441050-130f-4faa-9817-71fafc854956&ttd_puid=7e8f69c1-0741-3958-5dc1-b33153a221da&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 1B7D 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTJlMGJhMGItY2UzNi02N2ZjLTQ4MjEtZTk4ODk5NDBlZmJh
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1B7D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFE_t_1elBYfeFRSB_Rnmj4&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFE_t_1elBYfeFRSB_Rnmj4&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:08 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFE_t_1elBYfeFRSB_Rnmj4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 8C3C
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=1ea9a79a-6327-4e03-ae3a-1a3b3efe4f00
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=1ea9a79a-6327-4e03-ae3a-1a3b3efe4f00
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 08 Jun 2023 13:28:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Thu, 08 Jun 2023 13:28:14 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=1ea9a79a-6327-4e03-ae3a-1a3b3efe4f00
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usermatchredir
ssum-sec.casalemedia.com/ Frame AF9B 		43 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 08 Jun 2023 13:28:08 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 0330
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=YXPRNcrJ7lpREJNe5rHO&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=YXPRNcrJ7lpREJNe5rHO&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 08 Jun 2023 13:28:09 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 08 Jun 2023 13:28:08 GMT Thu, 08 Jun 2023 13:28:08 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=YXPRNcrJ7lpREJNe5rHO&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 8635
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Jun 2023 13:28:08 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 08 Jun 2023 13:28:08 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
khaos.jpg
token.rubiconproject.com/ Frame FDDE 		284 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
container.html
daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 11D0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jun 2023 13:28:07 GMT
expires
Fri, 07 Jun 2024 13:28:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F7EB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jun 2023 13:28:07 GMT
expires
Fri, 07 Jun 2024 13:28:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2CE9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jun 2023 13:28:07 GMT
expires
Fri, 07 Jun 2024 13:28:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 11D0 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 10:38:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
10170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Jun 2024 10:38:38 GMT
css
fonts.googleapis.com/ Frame 11D0 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&lang=en
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 08 Jun 2023 13:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 13:18:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Jun 2023 13:28:08 GMT
12444116532471404824
tpc.googlesyndication.com/simgad/ Frame 11D0 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12444116532471404824?
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a14311f907b99d07ca609b0ec3779d2677131345a730bdeb37326531775e82e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 03:06:24 GMT
x-content-type-options
nosniff
age
469304
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16235
x-xss-protection
0
last-modified
Fri, 14 May 2021 07:12:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 02 Jun 2024 03:06:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 11D0 		175 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55943
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686137816735621"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jun 2023 13:28:08 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F7EB 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 10:38:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
10170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Jun 2024 10:38:38 GMT
css
fonts.googleapis.com/ Frame F7EB 		2 KB
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=en
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 08 Jun 2023 13:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 11:38:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Jun 2023 13:28:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F7EB 		175 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55943
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686137816735621"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jun 2023 13:28:08 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2CE9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 10:38:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
10170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Jun 2024 10:38:38 GMT
css
fonts.googleapis.com/ Frame 2CE9 		4 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 08 Jun 2023 13:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 13:09:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Jun 2023 13:28:08 GMT
16353981355577854205
tpc.googlesyndication.com/simgad/ Frame 2CE9 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16353981355577854205?
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b0e03904e02e7eca3f4581d391bbe828b44642f9805a7fcc66c2ea38c0ca088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 22:53:08 GMT
x-content-type-options
nosniff
age
138900
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60879
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 07:40:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 05 Jun 2024 22:53:08 GMT
12444116532471404824
tpc.googlesyndication.com/simgad/ Frame 2CE9 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12444116532471404824?
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a14311f907b99d07ca609b0ec3779d2677131345a730bdeb37326531775e82e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 03:06:24 GMT
x-content-type-options
nosniff
age
469304
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16235
x-xss-protection
0
last-modified
Fri, 14 May 2021 07:12:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 02 Jun 2024 03:06:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2CE9 		175 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55943
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686137816735621"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jun 2023 13:28:08 GMT
ecm3
s.amazon-adsystem.com/ Frame FDDE
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LIN6C0RT-25-JG5X
  • https://s.amazon-adsystem.com/ecm3?id=LIN6C0RT-25-JG5X&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LIN6C0RT-25-JG5X&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FF8EKVNRP9VZ1095SCZ6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LIN6C0RT-25-JG5X&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Expires
0
usync.js
eus.rubiconproject.com/ Frame 8635 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
694be427f6c5df1f75601931ea4ce925e85965bb3b856390bd4e6e307365a9b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Thu, 08 Jun 2023 13:28:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jun 2023 09:31:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72142
Connection
keep-alive
Content-Length
10113
Expires
Fri, 09 Jun 2023 09:30:30 GMT
pixel
cm.g.doubleclick.net/ Frame FDDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElONkMwUlQtMjUtSkc1WA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMZfx_ziNCN3CzNsQ2LEYNA&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElONkMwUlQtMjUtSkc1WA==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElONkMwUlQtMjUtSkc1WA==&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElONkMwUlQtMjUtSkc1WA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
tap.php
pixel.rubiconproject.com/ Frame FDDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/TOz1wyEfYMA8_djtwa6Rwsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nyeuS7tE2oIFydJLbKWSZa1afKbzRswxGT3s3Q--~A
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nyeuS7tE2oIFydJLbKWSZa1afKbzRswxGT3s3Q--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 08 Jun 2023 13:28:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nyeuS7tE2oIFydJLbKWSZa1afKbzRswxGT3s3Q--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame FDDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIN6C0RT-25-JG5X
0
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIN6C0RT-25-JG5X
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:08 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 0A7E4378868449B58E8671942E3F51C6 Ref B: NYCEDGE1321 Ref C: 2023-06-08T13:28:09Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX9njknWjWQex2irDzW0Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIN6C0RT-25-JG5X
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame FDDE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0a441050-130f-4faa-9817-71fafc854956&gdpr=0&gdpr_consent=&expires=30
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0a441050-130f-4faa-9817-71fafc854956&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0a441050-130f-4faa-9817-71fafc854956&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ecm3
s.amazon-adsystem.com/ Frame FDDE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Mv0hjKLxSV6DvsTooS8PdQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Mv0hjKLxSV6DvsTooS8PdQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Mv0hjKLxSV6DvsTooS8PdQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SG25TFVJXHCE7VYTV6M1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Mv0hjKLxSV6DvsTooS8PdQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame FDDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ-sjz-9XBtLctIlBLWiMDs&google_cver=1
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ-sjz-9XBtLctIlBLWiMDs&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ-sjz-9XBtLctIlBLWiMDs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame FDDE 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XCAXC5007NMX89XA7NZQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FDDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGRjMzk4NWFlMmFjNmZlNWY5OTI0MzE2MzNmYzg2MThiZGJhN2NkNQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGRjMzk4NWFlMmFjNmZlNWY5OTI0MzE2MzNmYzg2MThiZGJhN2NkNQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGRjMzk4NWFlMmFjNmZlNWY5OTI0MzE2MzNmYzg2MThiZGJhN2NkNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
view
securepubads.g.doubleclick.net/pcs/ Frame 11D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHMwqb0UjstDVGT2RRSpv5V6ISEMisVQlCIcdTZBaWUpH66AZURbusIMCKAifSkne3O-vkI4-UiE3yYSXpIMpHlWNZaH16x4TRtr3RUNndKSyzNA2i76rUR64kbJc1jYrNtrvBGDSFfy75gP_13ohKWoT2E6IwrNs4ey0hEwjpASFma2bjpujMahAU-ljFpcLWm1XfqcXUs0eWCyCNV16-fM2Ct1R79PgtHbFg_CEizX2Rsd7_lACCew7hOKbjlF0RvwYERyBuUJoF88ungfohGELhVLFccpZumCUGJ3BSb7YiZac3k_1ervc66430yhknzSLRlqH5soCYWi2RLe-5xVGjNEWSMMhgRIBZRXqq2EhJo6ScSrI02IxmjfsNi5xRxfwjxgPBYlToxp806UVZgMYvTNNVICivHj10915s&sai=AMfl-YSboMHqE7o5jzkieqID_7-ubywZj_rS90BcCrXY5rfn2v4hNu4dVlrVuycizEVXgUAXDFwnZ2iBfXSDk4mliHxbgsjDPT4tdTygs8aYNHwM9CyXas24PxMAQT5ssfw&sig=Cg0ArKJSzL-nqC0DvyULEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F7EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMqqy2NYQ5aFCOS5SNaNzyJwW6hxEHcGHNYbXsXh4Cs83TORauAROLkCiYzb4eIPamZjba0a3q4TCnd77Qf2XHiVe4MHTUn1q0aFVJ881LY51YImh2dDr_bDJ9SsZ8TsfQgKCKv1mMh-TLsgXAMnalvENdZKLY3V4xn3kRQ3L3optFiCRBHgAszYliAgN0MhTiASkxiaBEJHkTegtXQdKDTjT8ZVd-8AfPMe76wEZ4K6ONM20uU9V4k4gfJTt7DT1cSV_cWr1HeG41_AqM15oNt70jGw8zIOMbkMFoHDy7fxihQMmvxR5NS-xLqF-n_jbovqnYEoJz12qelihHUNRpPARRLQfSJnjhd3TJIZcPbuCDJSPYLCChy1Eyvv-N76CghPi-Gwg0Jsxlge7-sVWkIUj23SwFHPBHTDNxdjNxsIs&sai=AMfl-YS2B9qHXaRnzgcugqCteRlFkPGvVzA5rfLmrnFY0IV4ZsvFFIMVLpLlT6FkewMOW9eZpI6xTjEw-JDqgF9wGXnx-OBHpr9077nxP_QPj4jEq-l5WRHpqtcFZMX-pts&sig=Cg0ArKJSzJQJSFoLJuU1EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 11D0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 05:55:40 GMT
x-content-type-options
nosniff
age
459149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 05:55:40 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 11D0 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 05:55:38 GMT
x-content-type-options
nosniff
age
459151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 05:55:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2CE9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuY0LKxAbRlvn1E9AjB2DBuwHCFoWSmSCF5xEfYuzMmrjo7Ix22Jkn3U2cjqZb1naQPoAEJuLUyC79ymqUc1tCfM9HX0tYRM0p4TXpFps2uLQmvIN2ogLCS4Q1BUR22A25b0PWgBRz9UbLE8iXW9Bpuf2vxMiIIrEq8_t1bx2rFzpmVejTOYBTzJfZvR6vbDkFXex5SX_VTTrpVmNXFiz2TDcnp7US-sHVffvsWTUAEqUDjaQ8tIkjiDHZM2e7VlauqwNUU6DDZKCxDiSM00kRQNXwwYd8R1NPE8qmbE5Vea2jqD0BHu134xlp4qjemY02_tGhkbHyeWztLmKNykNGtaqtH4Tn7laqzR2KumrO0H99yptVrcbK81EJE4tLja7hEHw7rWNym8QnImraQuB9u7o74gj6yYSBxvZ567BwH8jaykTXq7RM&sai=AMfl-YSKMqkj5nDTVh7WFLQNUseeVNvMyDrhBkGCHoJjoAqXK-9mXlDEP1GApX9cec8YunPXhlYtqxqQvnwi9lYVWQttA-01nrnwpg_LVVvnqcOtYcMo4DdQpQHRF5Xxgfo&sig=Cg0ArKJSzJHtXehj7bu2EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
URL: https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F7EB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 05:55:40 GMT
x-content-type-options
nosniff
age
459149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 05:55:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2CE9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 05:55:40 GMT
x-content-type-options
nosniff
age
459149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 05:55:40 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2CE9 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 17:16:32 GMT
x-content-type-options
nosniff
age
418297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 17:16:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 11D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTf-RN6VJSexLc-QvHseCHk41Jfy0pya-aYCmxM_4zKXx7jn4P7ZcCKBXNo47V9m5gswaEEsk0_hgO2cb83MMEbTz0lPDaYw0SZlc_NXE9P1azQ0lrnxWV5Mn8Dty7ke-4u-u3R1nbNq74pczWFSkqrcOm9EAm9Bu_g7u7dAlUVrMtoX_UtPa3Hvka-TwwPgLkNtd5KCXW8toIas7ZbIy9rJdXMBErX2ZNWF4JXUA_7s-2xoKeLui_GjRFZcKzBChQVK82X55DDy0j3vWMdz4ROSrHBw21x-szYcrO03lFYBkZ6VSH3O1ZFW6mO3kbrRqNk9f7Z8QIpzyd0B4rVTmvygPAjK2NuIy3LTmru4coh-lFeCY-6m6z0EEq6mfXnKzkfVHUJZest7fd7ue3w6S7ztlm&sai=AMfl-YQS3Y7WOXBnVb-HoaaFQ5Kjn64X4bWx78FfjbW5GFoXqPxtXpsNai5IJ4qlPeaC1-FTbvCXvZZ2dHm2t3zTDZ4c0ZXqTY_vsmKdKIJpXZ_GLjXR5AkkCBcWx93lFak&sig=Cg0ArKJSzOHpkk1Ma5pqEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 08 Jun 2023 13:28:08 GMT
usersync
usersync.gumgum.com/ Frame 8635
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LIN6C0RT-25-JG5X
  • https://usersync.gumgum.com/usersync?b=mag&i=LIN6C0RT-25-JG5X
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LIN6C0RT-25-JG5X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 08 Jun 2023 13:28:09 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LIN6C0RT-25-JG5X
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
Expires
0
truncated
/ Frame 11D0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3f14d3d63238c163b9276738b18b3b6682c473175b09ec715b82a3ed3c1b2f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2CE9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrcCPmtSoWqj0qVE9wnzxf0WgFbDEn3b6AhjIWXAXi5NbnGr6j4xq7zw4dv_cRR8ZFx_gXgBhTokjGc0eDPmUEqNQfJXdVHTFmbpq3Ir9b70rucSB0gC8lH63VFFH3kCzZ7d89QLuAn9W_ulGgXyPUfFRTDfF4mFQfMYwlltEUoCMti_QN25QAdd3L0IlDk1eIkjCFU-T6LKNado_pm2WeolCt5CmPLSJbO9nQdJSHa_-n11xc6hxYUoatBBGvpTD9PgdHyO-elCR51_iaZKgRtNqO0loyLPHVD_wGP5dmnpn592UYzqjUhd5AqoM-rJVSwCtl0P1VEtCirXTPWuyfMy3g6rhoQLrtwqSEyNkkqE2uwiaznZ7eGxYWxcJZnCPFrpUEXieOlTogG5wvo-WbieJLvMJ3XmVPYGI&sai=AMfl-YQ19jXAdywYqRm0uu2W9GxykMLnt5KE_pe4f8v_ZRdqCryTec9CmVUt-OtWaxURVAiNe02DRy3xUdsbdxp2j29hydMw5p54QkxwrW2M9mvemRGtSisKE_K2HF3bguk&sig=Cg0ArKJSzOdrsXoPBolaEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 08 Jun 2023 13:28:09 GMT
truncated
/ Frame 2CE9 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7437abe7514368ac49a7146a8f763c1a87979037b1d48cc923eb0b9bd7665511

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F7EB 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abfd078f657c0395a1b892d5619cde113b7645d1c9ccee92c5e2d5a9dc8efaa3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F7EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss56F3_U1wS18cDVzbNu0hM_b3Gp9BR3BPj6nYptpucC2HWPcvqHeywiiT8OY1PekEo_u4Z_BeBSMWBechgdoyK56laOUk2bccxdvaznKJBpY-9RX-vF6bHzhX_fNBlaZNFJb95zgOTJ9gzEoOvgaYaeEaQpicdZSXOfRWmJiyNLb3QeXLpTKIckJVYjqoqMTUzqGyEUveQ7C6c5dRNiq2JReykT31749of8xLmf0u5XHGyEp7rp59RZRwSqRzaYAgKk3TfdourngRZEkxbIwTULTXBMty8UNaJbFGxBXTF5SS1bEfR3prAqwMqdeULhoJBjLWBFZegiDf8myM9xulmF6TBSWcqzWFHwlH53D0ZN1Xtutm19aPKUw1TLUJjwVLtgGfPdZSrTmAosNUTbjIs0h4NXAU&sai=AMfl-YT70r_9C8lQ_Wdi1dIu6qxCBkeEBgk1oMM6OIDM8CjWdOBhYsbp-ogfVgXZOjkH_5rPP9RcFIjZEBdXv4CRNm8x8F9_HVkGA7jNrqwD28_17Gw8rFgztiavtT1ao3M&sig=Cg0ArKJSzKqgAgbcN4YgEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 08 Jun 2023 13:28:09 GMT
gen_204
www.google.com/afs/ 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=softonic&output=uds_ads_only&zx=1jp2a9z38fmt&aqid=Z9eBZOGcBouMyQOq5qvABA&psid=3261714721&pbt=bs&adbx=802&adby=1616.25&adbh=250&adbw=290&adbah=56%2C56%2C56%2C56&adbn=master-1&eawp=partner-softonic&errv=537871741&csala=7%7C87%7C461%7C27%7C222&lle=1&ifv=0&usr=1
Requested by
Host: iobit-malware-fighter.softonic.cn
URL: https://iobit-malware-fighter.softonic.cn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-uFiG6ybQYmXMpV3OkOcq1A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-uFiG6ybQYmXMpV3OkOcq1A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Thu, 08 Jun 2023 13:28:09 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2CE9 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyK4titNMm4G_wjrkPwsUJ12EPGp3WU8FmhQq12VD99aBnWgXTDJ1u8-2TzKOCdGCvbBaVv0g2-DuW269JC9rfY0MXRZE1TLpurvsyQEojuQOTP3eU&sig=Cg0ArKJSzLrBj_Xy_QNgEAE&id=lidar2&mcvt=1000&p=149,316,397,1284&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230607&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=1776590748&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686230888534&rpt=474&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 11D0 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvFi-9WHcj693PkS1HFPvbx2M5VRlMER9eEHLbOpvyYF10TfgJQZe6_9fqJmm6xCUlpDfsrACsw6SywzNRCnGE8b5at3tULxRdzs-VcbQUtKqX-qYr&sig=Cg0ArKJSzIdOLgh2QGcGEAE&id=lidar2&mcvt=1005&p=488,1117,1005,1415&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230607&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=1335813602&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686230888501&rpt=457&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F7EB 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwnox38Mhszlw1mu-wUDPPC7lhClQAsYspJBYVXnf29J_jiQKERwFCIifT6g8kjnjpqVopK-QGe7w45ucp6gGdB2KXmc0ESo8TJDHvgOvx0rahjQRy&sig=Cg0ArKJSzBuRH-IiOYA2EAE&id=lidar2&mcvt=1000&p=0,0,48,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230607&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=3501912354&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686230888522&rpt=592&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
offersv2.min.css
dnlgm0m0r44nl.cloudfront.net/gaia/0.53/css/ 		15 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dnlgm0m0r44nl.cloudfront.net/gaia/0.53/css/offersv2.min.css
Requested by
Host: js.srvtrck.com
URL: https://js.srvtrck.com/v1/js?api_key=937717f2ba3900dbf10df23aba52974b&site_id=b772ff73d6da4b6aaec7377ff6ead554
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.38.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-38-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ef5073c6e8dcffe3f6e5c98082c0ff1e5f030aad0d0008d30e3140085c84917

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 15:03:03 GMT
Via
1.1 d4b67fda8355378cec4afc079701f8e6.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Feb 2015 17:06:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P2
Age
80746
ETag
"3d22a39c5e3553db2f6f716c0819604b"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15788
X-Amz-Cf-Id
6q52rMyHz9nHbxRzy6FASmnTyNvCueanDRxR0WBH9efeYwEy1N1QIA==
link
search.srvtrck.com/v2/page/ 		2 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.srvtrck.com/v2/page/link?ctx.dist=low&distinct_advertiser=3&fields=price,advertiser,logo,ad_type,icon&logo.dim=150X150&url=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&abtag=abp:false&api_key=937717f2ba3900dbf10df23aba52974b&site_id=b772ff73d6da4b6aaec7377ff6ead554&tid=d5c36610-5489-46a1-9019-1d86cb28b37e&dch=gaia&tna=gaia&tv=0.121&title=IObit%20Malware%20Fighter%20%E7%89%88%20-%20%E4%B8%8B%E8%BD%BD&refr=&page=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&afsrc=1&cache=BPLQ1SVG4ACK2F02RVKKMU56AV0EG7SP&vid=null&dnt=0&set.cache=true&ad_space=&version=0.121&loc=use_geo&size=20
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cedb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://iobit-malware-fighter.softonic.cn
content-language
en-US
cache-control
max-age=3600
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
cf-ray
7d417a1108f5d153-BUF
alt-svc
h3=":443"; ma=86400
uuid.html
hades.srvtrck.com/v2/ Frame 32E6 		311 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hades.srvtrck.com/v2/uuid.html
Requested by
Host: js.srvtrck.com
URL: https://js.srvtrck.com/v1/js?api_key=937717f2ba3900dbf10df23aba52974b&site_id=b772ff73d6da4b6aaec7377ff6ead554
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cedb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd45713beee6c2428f11ad6444c6e2a6bbe1bfad330e68002052e9832a5dcc03

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
25056
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
7d417a1118f7d153-BUF
content-encoding
br
content-type
text/html
date
Thu, 08 Jun 2023 13:28:14 GMT
expires
Fri, 09 Jun 2023 13:28:14 GMT
last-modified
Thu, 08 Jun 2023 02:45:10 GMT
server
cloudflare
vary
Accept-Encoding
i
i.srvtrck.com/v1/ 		68 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.srvtrck.com/v1/i?e=pi&api_key=937717f2ba3900dbf10df23aba52974b&site_id=b772ff73d6da4b6aaec7377ff6ead554&tid=e7207fdf-8f48-4c0a-89cb-8f4ab1542493&dch=gaia&tna=gaia&tv=0.147&title=IObit%20Malware%20Fighter%20%E7%89%88%20-%20%E4%B8%8B%E8%BD%BD&refr=&page=https%3A%2F%2Fiobit-malware-fighter.softonic.cn%2F&afsrc=1&cache=CBC6FBF2IEP64N0VBHFJG4U6UQIE6ROQ&vid=null&dnt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cedb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
p3p
CP="CAO PSA OUR"
cf-ray
7d417a1128f8d153-BUF
alt-svc
h3=":443"; ma=86400
content-length
68
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306010101&st=env
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23d90ea2ece52f40266b7bb6a20e07e5dea1279712cd17418a3379a2348025fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11349
x-xss-protection
0
rtg.gif
notix.io/ 		43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notix.io/rtg.gif?px=00feb176-39e3-42ba-9efa-9ee75d162f39
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
43
json2.js
hades.srvtrck.com/static/ Frame 32E6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hades.srvtrck.com/static/json2.js
Requested by
Host: hades.srvtrck.com
URL: https://hades.srvtrck.com/v2/uuid.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cedb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caba961cf71d7213df26fc8d5f11212204b5968f62698056ce768dada4656676

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hades.srvtrck.com/v2/uuid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Jun 2023 15:12:01 GMT
server
cloudflare
age
25056
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=86400
cf-ray
7d417a11b91ed153-BUF
alt-svc
h3=":443"; ma=86400
expires
Fri, 09 Jun 2023 13:28:14 GMT
hades-server2.js
hades.srvtrck.com/static/ Frame 32E6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hades.srvtrck.com/static/hades-server2.js
Requested by
Host: hades.srvtrck.com
URL: https://hades.srvtrck.com/v2/uuid.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cedb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3e8ec7865f2d8dffcd47b65e40efda889633cc02962596a6bf3d1be6d19a6dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hades.srvtrck.com/v2/uuid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Jun 2023 02:35:22 GMT
server
cloudflare
age
25056
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=86400
cf-ray
7d417a11b91fd153-BUF
alt-svc
h3=":443"; ma=86400
expires
Fri, 09 Jun 2023 13:28:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Jun 2023 13:28:14 GMT
profile
hades.srvtrck.com/v1/ Frame 32E6 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hades.srvtrck.com/v1/profile?action=create&ykuid=9s3rt98y8rq5v8o4d08l73
Requested by
Host: hades.srvtrck.com
URL: https://hades.srvtrck.com/v2/uuid.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:cddb -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
10fe36278af5ec590acb10c83ed5f99e70a4f07943cd465402d24d42c4392153

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hades.srvtrck.com/v2/uuid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:14 GMT
cf-cache-status
MISS
last-modified
Thu, 08 Jun 2023 13:28:14 GMT
server
cloudflare
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d417a122ddcd163-BUF
alt-svc
h3=":443"; ma=86400
content-length
1095
expires
Fri, 09 Jun 2023 13:28:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4790 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
10169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jun 2023 10:38:45 GMT
expires
Fri, 07 Jun 2024 10:38:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BCA3 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4c452c02c8311e0c88642fe201e1e4b96c6d7cd3af94ce31545b071fea782941
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rzvT-f1MW8s4GruPsU6i3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-rzvT-f1MW8s4GruPsU6i3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jun 2023 13:28:14 GMT
expires
Thu, 08 Jun 2023 13:28:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
pagead2.googlesyndication.com/bg/ Frame 4790 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 19:26:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
151332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14773
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jun 2024 19:26:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BCA3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306010101&jk=4051777403564866&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4790 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?se5E4Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:28:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306010101&jk=4051777403564866&bg=!GhmlGU3NAAaGYqkwpmI7ADkAdvg8WioP42lAeBsZfpeJitKc_UhwRpS5RZzaWH99J23TrEeZ37Fgmg42L9HkGE9pFPgJHVb1XTECAAAAjVIAAAADaAEHmQLxIBq0aCHUQHon3-9-vl0_2mXtgyP8xk4gLKgY_vjZPZCLVASDKBMo3D1M4m9sggr1xNUr1KGeZIs3Z3H-ZumU_y9xz_jclvchK_JWO68Y9iGT9aP54cf8Qy9G9tk5AnMDzCDMmktrfLBjh0IXq_cwa1AnKHRqcn8k5zB2GcGoOHW1HCizDfzH2W0ythcPgrHq7Eevsd8VzCtgV4_cezd2A4UK0xx2C_wFdCRh4us6EOlTvH19hLKDH6vMWDyGT9djNPh52HMWCsD5WjwCslSKnCpvjX9-8-3gSV7L5XsvZjJBRA0CuZ0v4skawkfIXDREmSeSp4IHi5rXOOuJglZ4Mzf3WGD5O6i_zuOkywpsfXfDiJh9kZB4cGd8V00rAZPK4387YEjgpBKTO6AL_hvdCBK-zk-lePexeFJKhGuvX2d3gM9D6lN_vu-5W6EodNzOF9J2Li1_PuDgGbdyZcn356m0tL3G--5XJUlvj-zMPhFWWyAMJASkJ4e12_b9jm6haJ35D-Eak0wDM_wj0OBJ4LBxujM6R3x8vqTamEpR8s51gC6Wqy_hRUX1fkEeiDZ-7dpKWbCyA8o2eXF7oXDVWtC5j5PDiQytrjqQKOuGND0SQ7Sn4-1oYlSsEX5V00Gxgw8myt9ITorsG9OyRa9-o8JvvajaojYYHQn-m2UppUYsvFCSh4lPNTdwSapBdr81rGuTStFtiawe3U3Yf2HNJfaQjY--ZKuel7h06EhAn-2rxYfglTHsa-0iA3ITNeIBWrLXxzbDExifDs1TqDs8MHx0M1pv3I4x5dUSWmYZ66CPv4XgaXRGzM__d7srKEiJ7SBaGURoptuFuxkvMsPTHVDHodF2kt_LfwNryjK6yFfn01NUgO1cXLZVtrZVqU9zRqE6gsUb9nRyVlJQnfSCugG23iArNrunQUohYX_8BQ1u5p-P6HUuNonm4wQMiS7tS3yf2spAzeQ0fqWmSDp1xmFi30WaBTtD7rqRJUBgcQsf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
syncframe
gum.criteo.com/ Frame 2B29 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=iobit-malware-fighter.softonic.cn&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://iobit-malware-fighter.softonic.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jun 2023 13:28:16 GMT
server
Kestrel
server-processing-duration-in-ticks
820623
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
event
sslwidget.criteo.com/ 		20 B
365 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=49095&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D0a67c93e-96d5-11e6-9c20-00163ed833e7&p3=e%3Ddis&adce=1&tld=softonic.cn&fu=https%253A%252F%252Fiobit-malware-fighter.softonic.cn%252F&ceid=9e2e699a-6971-4a41-bc37-379eeccabaeb&dtycbr=64817
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
1becc3540a3ea6804b73defa8cf1308bb04b2bce536b18cb9ac3b4eae6bbc21c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://iobit-malware-fighter.softonic.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
8106671
timing-allow-origin
*
expires
0
sid
mug.criteo.com/ Frame 2B29
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=softonic.cn&sn=ChromeSyncframe&so=0&topUrl=iobit-malware-fighter.softonic.cn&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=zS1yoXxRMzdjeUFnOEZxYVBIMjAxdnVtVTdjZnFwTFdsMElHbElZS2ZLbzUvUktsS21QSFBhS0Vydytta3c4a051NzNlcnNGNmQzdmZjSm9nNkxoMGN5RGFvT2JBcGpzYWo0UXpHUzByY3ZPTGh2Z0VRd09zMzVBczNuTn...
425 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zS1yoXxRMzdjeUFnOEZxYVBIMjAxdnVtVTdjZnFwTFdsMElHbElZS2ZLbzUvUktsS21QSFBhS0Vydytta3c4a051NzNlcnNGNmQzdmZjSm9nNkxoMGN5RGFvT2JBcGpzYWo0UXpHUzByY3ZPTGh2Z0VRd09zMzVBczNuTnRKam1wK3VVa1NWR3NweitqVmZvZmxGUzFrRWg1OXArYnNNQi9zUytGbTQwVlNkb1NMVTZHYWRnNS8vYWIyeGMrdnluZU9mc3o5SkZ5dmdSU29RS1RVZVV3NzdpRmxXZEI3R0tMc1FPUFFLYUZCZ0ZTeEFqMlBQWENXOHFTa0w1VzdnZTFaUTZWbXdNNkM0MjJLNzBWdDRkdUR0LzJ1dz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
09a9094620da7d7386334148ccd96c79dce770b902aa17b0b096902f465bfff6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2391489
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Jun 2023 13:28:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=zS1yoXxRMzdjeUFnOEZxYVBIMjAxdnVtVTdjZnFwTFdsMElHbElZS2ZLbzUvUktsS21QSFBhS0Vydytta3c4a051NzNlcnNGNmQzdmZjSm9nNkxoMGN5RGFvT2JBcGpzYWo0UXpHUzByY3ZPTGh2Z0VRd09zMzVBczNuTnRKam1wK3VVa1NWR3NweitqVmZvZmxGUzFrRWg1OXArYnNNQi9zUytGbTQwVlNkb1NMVTZHYWRnNS8vYWIyeGMrdnluZU9mc3o5SkZ5dmdSU29RS1RVZVV3NzdpRmxXZEI3R0tMc1FPUFFLYUZCZ0ZTeEFqMlBQWENXOHFTa0w1VzdnZTFaUTZWbXdNNkM0MjJLNzBWdDRkdUR0LzJ1dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
340285
content-length
0
expires
0

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 boolean| credentialless object| onbeforetoggle object| onscrollend boolean| gdprAppliesGlobally object| didomiConfig function| __uspapi object| dataLayer object| revamp function| gtag function| gtag_report_conversion function| _googCsa object| revampAdRendered object| eventTracker string| deviceType object| criteo_q string| GoogleAnalyticsObject function| ga object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| webpackJsonp object| webpackChunk_softonic_revamp_api object| googletag function| tdDisplaySlots function| tdDisplayInterstitial object| apstag object| pbjs function| hj object| _hjSettings function| onYouTubeIframeAPIReady object| didomiEventListeners object| didomiOnReady object| ggeac object| google_js_reporting_queue object| pbjsChunk object| _pbjsGlobals object| mnet number| googleNDT_ number| googleAltLoader object| google object| __uspapiBuffer function| __sasCookie object| webpackChunkDidomi object| Didomi object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| DD_RUM boolean| apstagLOADED object| apscustom object| _aps undefined| google_measure_js_timing object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt object| GooglebQhCsO object| gaplugins object| gaGlobal object| globalParamsObj object| dataGlobalJson string| rawJson string| userId object| countryRegions string| countryCode string| countryNormalize string| regionNormalize string| userBrowserLanguage string| localeNormalize string| pageIdNormalize string| categoryNormalize string| platformIdNormalize object| YK object| YKConf object| Jaml function| hideYK function| fadeOutYK function| fadeOutYK2 function| setOpacityYK function| fadeYK function| fadeInYK function| ykShow function| ykHide function| getElm object| gaData function| __tcfapi object| DidomiSanitizing object| didomiState object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| Waypoint function| setImmediate function| clearImmediate object| ID5

86 Cookies

Domain/Path Name / Value
.softonic.cn/ Name: _usr_orgn
Value: direct
.softonic.cn/ Name: _swo_pos
Value: 915
.softonic.cn/ Name: _gcl_au
Value: 1.1.870751483.1686230886
.softonic.cn/ Name: persistent.fpmUserId
Value: e8321af6-06b3-4354-96e9-8b5692d93e12
.softonic.cn/ Name: session.fpmSessionId
Value: 0d74228d-aab4-4431-8558-e6351ea53ac8
iobit-malware-fighter.softonic.cn/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.softonic.cn/ Name: rv_google_ppid
Value: 7f1b9fa4-94ce-4cc3-8981-ba1221cd2b6c
.softonic.cn/ Name: __gsas
Value: ID=dcd92ea7b614117f:T=1686230886:RT=1686230886:S=ALNI_MZzruOGHoInqQ0-2GiTWwiad9c9tQ
.softonic.cn/ Name: _ga_R5K71YRXMV
Value: GS1.1.1686230886.1.0.1686230886.60.0.0
.softonic.cn/ Name: _hjSessionUser_424839
Value: eyJpZCI6ImU0MWYwZGQwLWFjZjItNTdmNi05OWUyLWU2YzkyNDEwZDg3NSIsImNyZWF0ZWQiOjE2ODYyMzA4ODcxMzksImV4aXN0aW5nIjpmYWxzZX0=
.softonic.cn/ Name: _hjFirstSeen
Value: 1
.softonic.cn/ Name: _hjIncludedInSessionSample_424839
Value: 1
.softonic.cn/ Name: _hjSession_424839
Value: eyJpZCI6IjFkYTMxYmE1LWI2NjUtNDYyMi04MWVmLThlMzVlZGYwNTRhNSIsImNyZWF0ZWQiOjE2ODYyMzA4ODcxNTIsImluU2FtcGxlIjp0cnVlfQ==
.softonic.cn/ Name: _hjAbsoluteSessionInProgress
Value: 0
iobit-malware-fighter.softonic.cn/ Name: _hjHasCachedUserAttributes
Value: true
.softonic.cn/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.softonic.cn/ Name: _ga
Value: GA1.2.1002708125.1686230887
.softonic.cn/ Name: _gid
Value: GA1.2.1354426749.1686230887
.iobit-malware-fighter.softonic.cn/ Name: _ga
Value: GA1.3.1002708125.1686230887
.iobit-malware-fighter.softonic.cn/ Name: _gid
Value: GA1.3.1354426749.1686230887
.doubleclick.net/ Name: IDE
Value: AHWqTUn1OE6Ph84LRUipnJV6IP9icJBva1A7BOTjaT4L_5i294whkwlUVGHvuCEuXgY
.softonic.cn/ Name: __gads
Value: ID=925caef4ef033f00:T=1686230887:RT=1686230887:S=ALNI_MY84u9NAceSFHzHodzNBSw9f_DkTA
.softonic.cn/ Name: __gpi
Value: UID=00000c458cefdbe8:T=1686230887:RT=1686230887:S=ALNI_MY6-8jAH_ETNwN6vCk4WQE3c3EFhw
.amazon-adsystem.com/ Name: ad-id
Value: A4ddUFVPz0_Ho9q76UMyvlI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.id5-sync.com/ Name: id5
Value: d140cfe9-f937-7ec9-a080-c2dc9692e6c2#1686230887907#1
.casalemedia.com/ Name: CMID
Value: ZIHXaLR1NnDOghLlfgqgVQAA
.casalemedia.com/ Name: CMPS
Value: 1415
.casalemedia.com/ Name: CMPRO
Value: 1415
.openx.net/ Name: i
Value: ad235698-aec6-06af-0717-7bd937851227|1686230888
.gumgum.com/ Name: vst
Value: u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932
.3lift.com/ Name: tluid
Value: 1727900444351892618011
.smartadserver.com/ Name: pid
Value: 7241001127042410615
.openx.net/ Name: pd
Value: v2|1686230888|vMgavPkWgy
.contextweb.com/ Name: V
Value: bLM7FHTiJAdX
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1l1k|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 7b8f0cfaae69c95c
.adnxs.com/ Name: uuid2
Value: 4051888546865684590
.technoratimedia.com/ Name: tads_uidp_88
Value: 366077880833468879370
.technoratimedia.com/ Name: tads_uidp_46
Value: 9177197433344590691
.technoratimedia.com/ Name: tads_uidp_37
Value: 21a321ff-5488-3681-9798-faecba05d912
.technoratimedia.com/ Name: tads_uidp_80
Value: y-vRmuRQ5E2uH5K_eNtw81x5iw_nvCgxhS~A
.technoratimedia.com/ Name: tads_uidp_62
Value: 3292324216634135000V10
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-e7fbfda8-a621-452c-9233-f832b6321339-005
.technoratimedia.com/ Name: tads_uid
Value: A42684DA40694E48B36D7397BF65523E
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230604073159+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.yahoo.com/ Name: A3
Value: d=AQABBGjXgWQCEAyVFhU_YUfmdUli9QvBcKgFEgEBAQEog2SLZAAAAAAA_eMAAA&S=AQAAAhE3ghde_7-rkF21KM_IGII
.outbrain.com/ Name: obuid
Value: 1b34b170-7267-4bd7-8b1a-7bcacc845d48
.company-target.com/ Name: tuuid
Value: 9e72237e-0c6a-4e8b-a151-4ef2d23b9dd5
.company-target.com/ Name: tuuid_lu
Value: 1686230888|ix:0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZIHXaAAQLCdviwBL
.mathtag.com/ Name: uuid
Value: 85ed6481-d768-4600-869f-20886a69d550
.bidswitch.net/ Name: tuuid
Value: 456b4b69-dd0a-4acc-85aa-daffd9807d36
.bidswitch.net/ Name: c
Value: 1686230888
.bidswitch.net/ Name: tuuid_lu
Value: 1686230888
.taboola.com/ Name: t_gid
Value: a58d7523-cba2-48df-8309-7c9920e33ba0-tuctb7b5ce8
.deepintent.com/ Name: CDIUSER
Value: di_d941c3fecddf495391179
.zemanta.com/ Name: zuid
Value: 336Qg1ufnM33vzqHdcZB
.ipredictive.com/ Name: cu
Value: 91109730-4e3f-4868-86dd-10c1a5f7e229|1686230888394
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0a85bc50-c7c1-5123-545e-ff63a719c296.o8wo905Cjmk1PwEW5BA7o%2F8xPDEJ%2F8jKGOyzwXR8Gi0
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ACoW8UMfBUSNUXv9jpxnClmAJ-Sg.RuHCbO5TnBck8%2F2VQKwO41BY2dc9o2BXEYCEIDw8cTg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ACoW8UMfBUSNUXv9jpxnClmAJ-Sg.RuHCbO5TnBck8%2F2VQKwO41BY2dc9o2BXEYCEIDw8cTg
.turn.com/ Name: uid
Value: 8586564380717791997
.adsrvr.org/ Name: TDID
Value: 0a441050-130f-4faa-9817-71fafc854956
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7ae8b7e3-8b29-4305-b08f-8db611fd254e-005%22%7D
.openx.net/ Name: univ_id
Value: 537072971|0a441050-130f-4faa-9817-71fafc854956|1686230888501306
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7ae8b7e3-8b29-4305-b08f-8db611fd254e-005%22%7D
.rubiconproject.com/ Name: khaos
Value: LIN6C0RT-25-JG5X
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22142%22%3A%2220230608%22%7D
.creativecdn.com/ Name: u
Value: YXPRNcrJ7lpREJNe5rHO
.creativecdn.com/ Name: ts
Value: 1686230888
.bluekai.com/ Name: bku
Value: ikG99sMUQVHB6uRL
.bluekai.com/ Name: bkpa
Value: KJhz06awLp9Rywaw6dKTCSKeFj4amaAot95D0Q32kPvPMvau1BAIF57aQX5ddFZ+4EIfB5OQIdIrflSDHL2Fy4/b/3U4N0dKVqldBfZr7lqFXdpoYq67y9iyBFYU6SbrfZpstSpLh8A9Vf0qdsV6OaQfnm8AKQn1ZZaGMEl5csD5GUsIO88rRL7ErGhY/4sGKHvJ9gamikeAs//Y/K1XPcdIPCtKOmOHkSCaQlZPwaeJLRgDgX+AhiL+AfhXyDNEwtojjnzmJHELAvxBxJgIe9OzQD+c
.socdm.com/ Name: SOC
Value: ZIHXaMCo5tEAANykFCYAAAAA
.360yield.com/ Name: tuuid
Value: 9d112edc-7c27-4fc9-bf5d-358db08c77a6
.360yield.com/ Name: tuuid_lu
Value: 1686230888
.tapad.com/ Name: TapAd_TS
Value: 1686230888837
.tapad.com/ Name: TapAd_DID
Value: d044f0b0-8e39-4fcd-8aae-f0e51c9541d9
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCLjfsrbHi_Q7EAUSFAoFdGFwYWQSCwjmr7-3x4v0OxAFGAEgASgCMgsI5qfC5N2L9DsQBTgBWgV0YXBhZGAC
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!3829
.rubiconproject.com/ Name: audit
Value: 1|H45xKmq7W3rtTxr+nzwz15VS3hyPXQeMf4J+IW3oWoDhj9K5Ghav9TOOa1QZWZFtpLqVIYzNPP7qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.linkedin.com/ Name: bcookie
Value: "v=2&1294c719-4354-4db1-8bf9-54a579f68298"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2954:u=1:x=1:i=1686230889:t=1686317289:v=2:sig=AQEyNV9tDf8DdxE8ha7HsuFieAlnN1aO"
.google.com/ Name: NID
Value: 511=ivgWMRIFyCxijW_8LZJ4KJ-EGoMej4xcTYf2kOJzLXcaX22cFXrTy0sbP6nlc7fSaY4lUFm4SRUhqG8B25FtOw18iL61b2qZsSRTMnWpAIIfgjr7VquPdYwTW4tTPvKL_tj4WoDVUcmetP-lrhPfzoMWp3Vm9HRyurrTWBcEUYc
iobit-malware-fighter.softonic.cn/ Name: _dd_s
Value: rum=0&expire=1686231786661

3 Console Messages

Source Level URL
Text
other warning URL: https://www.google.com/adsense/search/ads.js(Line 211)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=u_5a00bd3f-fa1a-4dc2-b06d-a1c9977ec932&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
adservice.google.com
afs.googleusercontent.com
ampcid.google.com
analytics.google.com
api.privacy-center.org
b1sync.zemanta.com
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
cdn.id5-sync.com
cm.g.doubleclick.net
cm.rtbsystem.com
creativecdn.com
cs.admanmedia.com
cs.iqzone.com
daf55e48a09733e8cccaf02dca709b2a.safeframe.googlesyndication.com
dnlgm0m0r44nl.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hades.srvtrck.com
i.srvtrck.com
id5-sync.com
images.sftcdn.net
iobit-malware-fighter.softonic.cn
js.srvtrck.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.deepintent.com
mug.criteo.com
notix.io
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
px.ads.linkedin.com
r.bidswitch.net
rtb.gumgum.com
s.amazon-adsystem.com
s.company-target.com
sc.sftcdn.net
script.hotjar.com
sdk.privacy-center.org
search.srvtrck.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
softonic.cn
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
sslwidget.criteo.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
us-u.openx.net
usersync.gumgum.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.127.84.215
108.138.106.124
108.138.107.138
108.139.38.124
13.225.224.171
139.45.240.92
141.226.224.48
142.251.32.98
142.251.40.166
151.101.193.91
151.101.66.49
162.19.138.116
162.19.138.117
169.197.150.8
174.137.133.32
18.164.96.77
18.164.98.157
184.50.204.192
184.50.205.247
185.184.8.90
192.40.39.223
198.148.27.139
199.127.204.147
199.187.193.182
2001:4860:4802:38::181
202.241.208.54
23.105.12.171
23.73.244.44
2600:1400:d:5a0::29cc
2600:1f18:4e9:5a02:71d0:2e3a:4d87:7371
2600:9000:2510:6600:5:b7cc:d3c0:93a1
2600:9000:2512:6c00:d:2044:5c40:93a1
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:4700:10::6816:3456
2606:4700:20::ac43:4513
2606:4700:20::ac43:4686
2606:4700:3037::6815:444a
2606:4700::6812:cddb
2606:4700::6812:cedb
2607:f8b0:4004:c1b::9c
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::2008
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2001
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::200e
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::200a
2607:f8b0:4006:823::2010
2607:f8b0:4006:824::2004
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:1ec:21::14
3.81.178.203
34.111.113.62
34.196.5.17
34.199.137.96
34.231.15.60
34.96.71.22
35.172.99.217
35.211.118.13
35.211.178.172
35.227.233.104
35.244.159.8
35.71.131.137
35.71.139.29
52.2.125.106
52.46.130.91
52.95.122.74
64.74.236.31
68.67.160.186
69.173.151.100
70.42.32.255
74.119.119.139
74.119.119.150
74.121.140.211
8.2.111.13
8.43.72.98
80.77.87.162
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
03b4b4fd940186d83bff52df5eeeea4cdd8ac0cb2be5c3f91b5f92e24b7d37ca
0541ad9513d9b600d94e2747ab185a67c4d84155c0a734c7f7ead4dec03e40ee
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09a9094620da7d7386334148ccd96c79dce770b902aa17b0b096902f465bfff6
0a81cb956c106059e677fe59e2068043c526758509a728bfb0410bd67810ade7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f4a47d882fa70b3e4d9fd09fe39f679587dfb4ec5328b04b2096df1bb516d34
10a5808371592a9f07e1ecce9be088f66d9a6522e0de67bbc50dbc796eb459ea
10fe36278af5ec590acb10c83ed5f99e70a4f07943cd465402d24d42c4392153
165cf2dabdfef9e471faac04cd1d527bd2e5f83dc1126e2bf04a75f645c2581a
1a89b0d8913bd738c82202577aaa5c5125e75e691c9f7e880421ed33f64833db
1ba820115749e3b6149b0e4f0fdf589c39f64c3ef2462ceb60eca6a5d4e512bb
1bb8f50ee00a4e1a61a5eb1f7b9dd923a016d5e8d4f2ee950f878dc6c84f98e2
1becc3540a3ea6804b73defa8cf1308bb04b2bce536b18cb9ac3b4eae6bbc21c
1e8565c2fefd99bae229bf5912b8a400f64eed0f6e6762f7101771328ea1bd48
2088f5aa1ebfab0d8de47886b0418c34f5b36d5b19286b9c87616547dfa3562d
23d90ea2ece52f40266b7bb6a20e07e5dea1279712cd17418a3379a2348025fe
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
28d7bc555e15069e8c0594fed70274f137e15bee2da5ed481ea286b2759a03f7
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c2087503381f85b10fa502da19a3b56077af284d4d60d620b902c9957729038
2dce3035cfadf3932bd8bd977f5d9c11e1e49df39092c4de36968fbbf0d81a04
2ed85722b143d0c54f95a355a412a8de294c019139a670b65f515189b932fbc3
2ffd682978600218b840e3c6f9aeee91c676f7867e43723056e5873043332cb7
344d910c159876ec52b39cc4644cfcfe0225114476f99da15b60804d5e4fc854
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
431c129d1825b951917ade90bc12eeffa0c593dfabedb9065863661e80a8774d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44900482b51fe7f0be37b2821a6601cd9b4c9a29876e69252898ea0163c162d0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b0e03904e02e7eca3f4581d391bbe828b44642f9805a7fcc66c2ea38c0ca088
4c452c02c8311e0c88642fe201e1e4b96c6d7cd3af94ce31545b071fea782941
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee3f406a9c09f5e1f4674a792ef5398ea686c5d5e81775abc32863ac741297f
508d8f59b7207512bce7aecf9eff62c2c8eb048065b60d53b735704529294b73
524bd626e49968f902cbdac319e96860286ead2b2cc3acdfd3b7399a32ebf7f2
54b5954adefb4420d3bd25b0c5389f22b03cf6664fedfb21f16bb513234670af
55905f7b3c0cb367751791a71d4c4c6518d40275f764685a0cbf00ffec6a8804
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a9914278a034d94c2dc8ae70a27633ba580c10d63016ce00a614f92f73761c0
5ef5073c6e8dcffe3f6e5c98082c0ff1e5f030aad0d0008d30e3140085c84917
5f9122900c5989276beb1620e507610c376d878ae9ffdbac1880f361c4915dd7
6013dd227ad30224ebd630d4ecc6f72da07367f4d683daf3c850f6e8fe6d52cd
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625a58209585a0233f023ab9973809edaf28b1446402edc069ff71d4533881b5
63138680bf8ed8595f713c7aca78cde07dce052fe529e7acca220534a334ca16
6359701a54d27476663aae30b19a0a2c77d83635f997f6a795cdd57e3e1f4a8c
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65a5f06c8dff9cd0ceb7c0e4b48d917bdc8ed613a0cb281e1cc82a4cefb2a2ed
66ad2df66f206b2f83d01cbacc150f9bc31fa9c31125132e7dd4eb095236e9b9
694be427f6c5df1f75601931ea4ce925e85965bb3b856390bd4e6e307365a9b0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b80472ac7d3c365cbef568dfc2e0c2bcd15e046b93576338d4f872ecb384e14
6e35dd0d764d3e086e68847cab1b4ff9f0b2d6ecf2742e559cef241b2e359839
6ef4ec79abf2124328933f87b397b40528f041cad0684e42b0b8c24bea5eac31
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7437abe7514368ac49a7146a8f763c1a87979037b1d48cc923eb0b9bd7665511
74cfe810b9c516f53664b35c4f89e90073fbbd03da994fc299636dc0bc3ae23d
74e9e0b0ddf0f5ca3ef65df8d565cce03a7612817ff6dde265f2222fb85a2525
7516842ff556ff708e84893bf1006bf21e38f04a3374d64b64fb4db461b8c49c
7829a2e0baa0fa87afc408cb1d889967e9eef87199076fbf33ccf7e3563e597a
78f25d6cd821c8250eadd361a915e33a938783f1138e4adb14678f942fe1c130
7e94c05e6eae30466ae4ad1203e141bfd4f69d393dba4776b1fec5b5b8e4f785
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
80cd4bb42ae5db873104aef0b9cb4f6e55d72ea7440eae108640d9779d258c14
8117ea09b5caab594dd88ba8826f107ef9f3a5f91e36b1f89672b03dc33ae48e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b077b5f9babf877ed023e27e7c25e2a2732e5de2a83eefc79c1dbea39069956
8bd9a27a2d1cd3d74f69b3b687467eb93ee4171ed6a7c43156f5940bc2010888
8c9bcb9bf936acdbc6227923a32372aeb51c09d5e3de1d898ed27fcdf8698749
8e15341f963cdd48221f957ac1d098aa438b596ac8cdecf70be9bc3195c1f5da
95e43e9195d0e8609b7da5f62f50bb235602833541ba49f8bff83a69133b9a5a
95fe181a05e5300ebd06f7ff4a43313146da6c6cc03eede234e031c2a3523e25
96bb42b23d3e2d7db6c944b3aa3a435c523a46e3821e3329a2366640b4867980
9751d779ee946613ec1801770348ecc5a3bcd5e026492e9423c3aecdc7d16d01
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
991af7dd3de951ca288e28e445bb9bea1787505ee067ff4d871964c216fc430d
9930bdb885545dcee3540a2a8a40d20c0418dbbca239dcd4fc32b13747bb66d4
a14311f907b99d07ca609b0ec3779d2677131345a730bdeb37326531775e82e4
a3a2b7074615ca95c09da5b4eda0abd409c4ea4b3e5a64bf90d563fd93428b2e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557
ab9e2fa2d00f6af1986e12b6bdee984d599b0cd890c3c145562da520a8d31ee4
abfd078f657c0395a1b892d5619cde113b7645d1c9ccee92c5e2d5a9dc8efaa3
add7676d3c6829fc53e4bfd72728295b3c6b1ac2680eaf2a55bbbc2b90a18dd7
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cddc4c14c6738e1c16f8fe5fffd28e52ab7af3024e4a54a4fd5d492c8c33c7
b7699910e9f9c4c1b19c137d93844f7b5a145384686cf85ff9c4659939dc9e0c
bbd57bb329c05d9419f71743bb8e6eb5251fe1e3b5dcb3e5dc510d00498bbbd8
c03a3a711cc0d81fce0accde711fe4979f1b56f84ab52f2874772045d8e37188
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
c94516b85607ed0b1e5b5a965577d848e78850a0ba8a64f2bd56ab94b39734f3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caba961cf71d7213df26fc8d5f11212204b5968f62698056ce768dada4656676
cae22a250c5cb90cd727b54a9679d527e4c159fb195931806e6462a1aac080d7
cd45713beee6c2428f11ad6444c6e2a6bbe1bfad330e68002052e9832a5dcc03
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
d38b1a420da22c0fc8aba72117f35b7b9383ca3800862ffdc3bd87ce42ee7966
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a
d553613fe7de8f08a345ab1d8e1c0c32ad646a72cc7e591c520f19ba7a7e6e31
d5da18df3c355cfdc34f19c428d0e9f4c814ca2f3ffa5338945ae45a2787d00e
d635d09bda9708c5a14649270950e0943edab5443eb2b2ff0ba1c7ff16bde09f
d6607cbcb769756c631e468ac387ca55bac80e12e631355b5ffc6daf4a32c4a4
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
d8dac4dfb15299ed2b7c3b13a3ee6ad080342ee87638f44190dea188ea674120
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e2ffcffb1c4e27f20814447760fddc99854dc0fe20be26e1cde55eb69455245a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8ec7865f2d8dffcd47b65e40efda889633cc02962596a6bf3d1be6d19a6dd
e5455fe11eef6ea9da6fd8b89ec7d0376cf18b8d863a31fd6f4e13225055049a
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e85624573524f9f1cb5957b3a235d29549a2333233980948ebe72e9640631142
e95b920bf073e6be14a5d5af42251ca723c8759964eab59456cb4e5535850851
eb04b277239f642673bd24a99cef7058cd4d8a795417d75abe2e7e63d9290327
ee3f14d3d63238c163b9276738b18b3b6682c473175b09ec715b82a3ed3c1b2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14e3b1f0c6360b1c162e6d7ea1666ed6822f1a09122e3bb0010847509943ab8
f3646aac2d039a25ab023198c7277ad68e412c8628c2a031773bbb8a7937696d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f95af4cd8402379b8ac853cd076efe929d6412fde2ccfede9e89c1b0bbbce7c3
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1